IPsec tunnel on Cisco PIX 501
Posted on 2005-04-24
I have two Cisco PIX 501s. One is connected to a centric ADSL line, which is our main ADSL line, and the other PIX 501 is connected to the backup ADSL line. Both Cisco PIXes are running on different public IP addresses, but internally they are on the same network, connected to the same switch. The main PIX internal IP is 192.168.58.1 and the backup is 192.168.58.3. Now, on the main PIX, we have a branch office VPN tunnel to a Checkpoint FW in Switzerland, which is working OK. The plan is to connect the backup PIX to the Checkpoint FW as well, with the same config as on the main PIX, acting as a failover if the main ADSL line goes down.
The problem is, I cannot establish the branch office VPN tunnel between the second PIX and the Checkpoint FW, because the second PIX is on the same internal subnet as the main PIX, which is confusing the Checkpoint FW even though both PIXes are using different public IP addresses.
I need a recommendation on how to solve my problem.
1. A way to get the tunnel to work on both PIXes even though they are connected internally on the same network.
2. If the above is impossible, please recommend a Cisco product that will work.