Incoming VPN and site to site VPN problems

Discussion in 'Cisco' started by Nathan Simpson, Aug 14, 2004.

  1. Hi,

    We have a 506E running 6.3.4

    We only have 1 IP address to play with so we use PAT on the outside
    interface.

    Can we have PPTP and IPSEC enable on the outside interface to allow incoming
    VPN connections and also enable a IPSEC VPN tunnel to another PIX? Which may
    also turn into a 2nd VPN tunnel if another site comes online.

    If so, how.

    Every time I run the "crypto map xxx interface outside" command things seem
    to stop working.

    I have heard about VLANs but I am not quite sure how they fit into our
    situtaion as we only have 1 IP address.

    TIA

    Nathan
     
    Nathan Simpson, Aug 14, 2004
    #1
    1. Advertising

  2. Nathan Simpson

    PES Guest

    "Nathan Simpson" <> wrote in message
    news:M6oTc.57379$...
    > Hi,
    >
    > We have a 506E running 6.3.4
    >
    > We only have 1 IP address to play with so we use PAT on the outside
    > interface.
    >
    > Can we have PPTP and IPSEC enable on the outside interface to allow
    > incoming
    > VPN connections and also enable a IPSEC VPN tunnel to another PIX? Which
    > may
    > also turn into a 2nd VPN tunnel if another site comes online.
    >
    > If so, how.
    >
    > Every time I run the "crypto map xxx interface outside" command things
    > seem
    > to stop working.
    >
    > I have heard about VLANs but I am not quite sure how they fit into our
    > situtaion as we only have 1 IP address.
    >
    > TIA
    >
    > Nathan


    All should not be a problem. However PPTP and IPSec clients terminating on
    the PIX will not have access to the other tunnels. If everything is
    stopping when you apply the crypto map, your crypto acl is probably not
    right. The only limitation that I can think of right off is that if the
    outside interface is terminating pppoe, pptp is not permitted. I have not
    exhaustively tested the pptp and ipsec together, but I have had a PIX
    configured to accept pptp and ipsec clients with no problems. I did not
    stress test it though.
     
    PES, Aug 14, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rick Stromberg
    Replies:
    7
    Views:
    9,954
    luisjimher
    Jun 3, 2011
  2. mjk

    Problems with outgoing and incoming emails

    mjk, Jan 10, 2004, in forum: Computer Support
    Replies:
    4
    Views:
    529
    °Mike°
    Jan 10, 2004
  3. Jeff
    Replies:
    5
    Views:
    1,111
  4. Michael Bower
    Replies:
    3
    Views:
    4,659
    beenthere
    Oct 1, 2006
  5. pasatealinux
    Replies:
    1
    Views:
    2,081
    pasatealinux
    Dec 17, 2007
Loading...

Share This Page