b_man_2001
asked on
pix 515 vpn site to site tunnelopne but no network or web access
I have 2 pix 515 in a tunnel up but cannot see the other network of inside interfaces.
192.168.1.0 | | 192.168.2.0
A-Network B-Network
________ _________
PC-A <-------> | PIX 515 | <-------------------------
------------ -------------
192.168.1.11 202 | | 1 192.168.2.11
what can i do to allow access to each network?
how can a allow access to pc-b from pc-a (both ways) on A and B network?
192.168.1.0 | | 192.168.2.0
A-Network B-Network
________ _________
PC-A <-------> | PIX 515 | <-------------------------
------------ -------------
192.168.1.11 202 | | 1 192.168.2.11
what can i do to allow access to each network?
how can a allow access to pc-b from pc-a (both ways) on A and B network?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
this will allow access though tunnel end to end (A network to B network) right?
new question?
can i allow access to B-Network like RDP/80/443 to access pc-b from the internet? not though the tunnel.
new question?
can i allow access to B-Network like RDP/80/443 to access pc-b from the internet? not though the tunnel.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hairpinning
what is that?
notes below
==========================
192.168.1.0 | | 192.168.2.0
A-Network B-Network
________ _________
PC-A <-------> | PIX 515 | <-------------------------
------------ | -------------
192.168.1.11 202 | | | 1 192.168.2.11
|
|
internet access
--so on the out side int on B-Network cab be config as a tunnel site to site and allow rdp/80/443 traffic from the internet?
--could this connect handle about 300 to 600 kb of traffic on internet inf at the same time tunnel is up?
what is that?
notes below
==========================
192.168.1.0 | | 192.168.2.0
A-Network B-Network
________ _________
PC-A <-------> | PIX 515 | <-------------------------
------------ | -------------
192.168.1.11 202 | | | 1 192.168.2.11
|
|
internet access
--so on the out side int on B-Network cab be config as a tunnel site to site and allow rdp/80/443 traffic from the internet?
--could this connect handle about 300 to 600 kb of traffic on internet inf at the same time tunnel is up?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
both if a can.
I looking in to DR co-location site. setup to send data secure site to site and allow rdp/80/443 traffic from the internet
I looking in to DR co-location site. setup to send data secure site to site and allow rdp/80/443 traffic from the internet
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK
how do i config a port forward on a pix that is configured as a site to site tunnel? (B-Network - hairpin)
how do i config a port forward on a pix that is configured as a site to site tunnel? (B-Network - hairpin)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
can i assign multiple IP addresses on B-Network PIX? I have 2 public ip addresses for that location.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
because to i'm looking for a way to have B-Network serve as a total backup site for web access to our backup data for DR.
ASKER
MikeKane:
Accessing ports from the internet on pc b will depend on where your internet connection is located at. If its on PIX-B then you need to add either a static map or a port forward from outside to inside for those ports to an internal server.
--------------------------
What is the command and how is it done?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK
seeing that tunnel is up. what are the steps for net-b hairpin. because ATT DNS i understand but will the hairpin a net-b work with www before, during, and after DR.
seeing that tunnel is up. what are the steps for net-b hairpin. because ATT DNS i understand but will the hairpin a net-b work with www before, during, and after DR.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all the information.This will get me on the right path.
thx
thx
ASKER
can you show me a sample ip route statement?