PIX Remote Access and Site-to-Site Tunnel
Posted on 2006-06-21
I have a scenario. I was wondering whether its possible to use a PIX 501 for both remote-access and site-to-site tunnel? Assume there's 3 networks, PIX internal network, ISA internal network and the PUBLIC internet. Both PIX and ISA has client machines behind em and they are both VPN servers for remote users with laptops. IPSEC VPN is working fine. Lets say I wanted to join both networks, both having different subnets, so users on the ISA network can ping machines behind the PIX network and vice versa. I also wanted to keep the capability of giving users to VPN into the PIX.
I tried creating some crypto map, I can only bind one active crypto map to the outside interface, one at a time. Are there any guides to make it work so that existing VPN users wont be affected, and the new network is the joined ISA and PIX network?