Solved

Cisco Pix with 2 sites connected by Point to Point Tunnels - Need Cisco VPN Client 4.6 to gain access to both sites

Posted on 2006-06-19
2
230 Views
Last Modified: 2010-03-18
Hi There,
I have 2 sites connected to each other via point to point tunnels. Lets call the 2 sits HQ and Branch. The Point to Point VPN is easy enough. However our end users need to be able to connect to HQ via the Cisco VPN client and also have access to the Branch server resources through the one connection. Currently we have 2 Cisco Pix 501's at each site with remote users having to VPN in to each site individually.  I'm aware that the Pix 515 with software release V.7 allows this function, but i'm trying not to buy additional hardware.  Any Ideas or experiences?
0
Comment
Question by:brizk71
2 Comments
 
LVL 4

Expert Comment

by:averyb
ID: 16941751
Not going to be able to do what you want.  

Traffic comes into the outside interface on the PIX from the Internet.  To reach the other site, traffic would have to go back out the outside interface to traverse the VPN tunnel across the Internet. Firewalls do not allow traffic to go back out the same interface it came in on.

0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 200 total points
ID: 16942027
You want to take that 'U' turn, then only 7.x allows that. Can't help it, it was one of the feature introduced. You'll have to live with 2 profiles.

Cheers,
Rajesh
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question