VPN and Local pool using PIX
Posted on 2004-08-26
I am trying to set up remote access VPN connections for my workers using PPTP W2K/XP from home. I have a PIX 515 firewall configured with an outside interface with a public ip: X.X.230.64 and inside interace ip: 192.168.150.4. I understand that after a succesfull local authentication, PIX will assign an address from the IP range configured of the local pool. And this is where I still got confused: I see in many PIX configurations that the assigned network IPs in Local pool is different from the internal one. Lets say if my internal network uses private IPs in range of: 192.168.150.0/24, why do in most local pool configuration I see IPs range of different network, such as: ip local pool pptp-pool 220.127.116.11-18.104.22.168 ??? If the goal of a VPN connction is creating a local network for internet users, why do I need to assign them an IP wich is out of range fron my internal IPs ??. If I have no internal router (besides the PIX, of course), How can an internal domain be accessed ? Hope I`ve been clear enought....
I understand that this is could be simple quation for a VPN expert, but it is foudamental for those who are "VPN fresh meet".
Thank you for your help....