Remote access routing ?

Discussion in 'Cisco' started by kjo@kjohansen.dk, Jun 30, 2005.

  1. Guest

    I have a problem, please assist me !

    B --- C
    \ /
    \ /
    A <---- Remote Access Clients

    The setup is as follows :

    A Subnet : 192.168.1.0/24
    B Subnet : 192.168.2.0/24
    C Subnet : 192.168.3.0/24
    Remote Access subnet : 192.168.4.0/24

    Between A and B there's a tunnel
    Between A and C there's a tunnel
    between B and C there's a tunnel

    What i want is to be able to reach B and C as a remote Access Client,
    is that possible.
    The hardware is Cisco PIX v6.3(4)
    , Jun 30, 2005
    #1
    1. Advertising

  2. Guest

    I have this little twist to add.. maybe it could help
    B-----C
    \ /
    \ /
    A <--- Remote Access Clients accessing PIX515 (A node)
    | <--- Private subnet : 192.168.5.0/24
    Router
    |
    LAN <--- 192.168.1.0/24

    So it's really
    A subnet 192.168.5.0/24 - A's IP is 192.168.5.1 and a WAN ip off course
    Router IP WAN 192.168.5.3 - LAN 192.168.1.1
    LAN 192.168.1.0/24 Default GW 192.168.1.1
    B Subnet 192.168.2.0/24
    C Subnet 192.168.3.0/24

    Sad that i dont even know my own network ;-)
    , Jun 30, 2005
    #2
    1. Advertising

  3. Hi,

    Pix 6.3 has the limitation of not being able to send packets out the
    interface they came in on. So the answer is no, Pix 6.3 cannot do what you'd
    want.

    There is a solution though. Upgrade you're Site-A Pix to version 7.0, wich
    does includes support for this.
    You didn't specify if your pix is a 515 or 515E. I'm not sure if PIX7.0 is
    available for PIX515, I know it is for PIX515E.

    Success,

    Erik

    <> wrote in message
    news:...
    >I have a problem, please assist me !
    >
    > B --- C
    > \ /
    > \ /
    > A <---- Remote Access Clients
    >
    > The setup is as follows :
    >
    > A Subnet : 192.168.1.0/24
    > B Subnet : 192.168.2.0/24
    > C Subnet : 192.168.3.0/24
    > Remote Access subnet : 192.168.4.0/24
    >
    > Between A and B there's a tunnel
    > Between A and C there's a tunnel
    > between B and C there's a tunnel
    >
    > What i want is to be able to reach B and C as a remote Access Client,
    > is that possible.
    > The hardware is Cisco PIX v6.3(4)
    >
    Erik Tamminga, Jul 2, 2005
    #3
  4. Guest

    Thanks Erik

    The PIX is a 515E.

    What i thought about was NATting the Remoteaccess users, but i see your
    point..
    Have you got any clue about what an update to version 7.0 costs

    Regards

    Kenneth
    , Jul 2, 2005
    #4
  5. In article <>,
    <> wrote:
    :The PIX is a 515E.

    :What i thought about was NATting the Remoteaccess users, but i see your
    :point..

    You indicate that you have PIX 6.3(4) and that you have a 515.

    The 515 supports 3 physical interfaces, even with the restricted
    version, so if you have additional public IP space or can subnet
    the public IP space, there are approaches you can take with adding
    an interface.

    The 515 also supports "logical" interfaces, which are 802.1Q VLANs.
    To use those, you still need the same kind of IP space requirements
    as for a physical interface, and you also need a WAN router that
    supports 802.1Q VLANs, but you don't need to purchase a physical
    interface.


    :Have you got any clue about what an update to version 7.0 costs

    PIX-SW-UPGRADE= is the part number, and the list price appears
    to be $US1000, street price around $US700.


    Historically, Cisco has usually allowed people to go on SmartNet
    (and receive upgrades as part of the SmartNet entitlement) if they
    have been off support for less than 1 year. The appropriate part
    number would appear to be CON-SNT-PIX515 or possibly CON-SNT-PIX515R .
    I am having difficulty finding US pricing for either part number;
    it looks like the price is around $US1200 at most places -- but
    possibly as low as $US325 . One place claims that you should be
    able to use CON-SNT-PKG7 -- if so then that's around $US650.
    I would suggest asking a company that regularily does SmartNet
    contracts.
    --
    Are we *there* yet??
    Walter Roberson, Jul 2, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter Sale
    Replies:
    1
    Views:
    11,942
    Robin Walker
    Dec 11, 2004
  2. Moody Marco

    Bluetooth problem - Routing And Remote Access Service

    Moody Marco, Mar 18, 2005, in forum: Computer Support
    Replies:
    0
    Views:
    622
    Moody Marco
    Mar 18, 2005
  3. =?Utf-8?B?Sm/Do28gR29uw6dhbHZlcw==?=

    Routing and Remote Access

    =?Utf-8?B?Sm/Do28gR29uw6dhbHZlcw==?=, Jun 2, 2006, in forum: Wireless Networking
    Replies:
    2
    Views:
    530
    =?Utf-8?B?Sm/Do28gR29uw6dhbHZlcw==?=
    Jun 5, 2006
  4. imhotep
    Replies:
    0
    Views:
    583
    imhotep
    Jun 21, 2006
  5. imhotep
    Replies:
    0
    Views:
    525
    imhotep
    Jun 23, 2006
Loading...

Share This Page