Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

PIX 506e VPN Tunnel based on OSPF Routes

Posted on 2004-08-23
2
356 Views
Last Modified: 2013-11-16
I have a PIX 506e in a remote office that has OSPF capabilities. The endpoint is a VPN 3000 concentrator on my corporate network that is transfering the OSPF routes to the PIX.

Is it possible to build a VPN tunnel on the PIX based on the learned OSPF routes? Or do I have to tunnel everything, including internet traffic, back to the concentrator and let the concentrator make the routing decisions? If I have to tunnel everything back, I will not bother setting up OSPF on the PIX.

What do you think?
0
Comment
Question by:mousers
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 200 total points
ID: 11869942
Hi mousers,
Personally I would not use OSPF on the PIX unless your network is so large that defining static routes would be a problem.

Have a look at this configuration example as it deals with passing ospf routing across a VPN.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800a43f6.shtml
0
 

Author Comment

by:mousers
ID: 11869985
I'll take a look.

Yes, my Corporate LAN is hooked into a larger Corporate Intranet (the people who own us) and there are too many routes to define statically.
I have been adding static routes up to now but it is getting unmanagable.
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question