Howto hit an external ip with VPN|
|
|
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||
|
Posted by Boban on September 27, 2005, 4:11 pm
Please log in for more thread options
I have one question. How do i hit an external ip address through a VPN connection to my Cisco Pix 501. The problem is, that i can only hit the external site from my PIX outside ip address . thnx :) /Jacob | |||||||||||||
|
Posted by Walter Roberson on September 27, 2005, 8:45 pm
Please log in for more thread options :connection to my Cisco Pix 501. :The problem is, that i can only hit the external site from my PIX :outside ip address . Sorry, I am not sure exactly what you want to do. If you want to be able to connect to a PIX 501 through a VPN from outside, and have traffic on that VPN able to go out to the internet through the outside interface, then that is something that cannot be done on the PIX 501. Several other PIX models make it -possible- in 6.2 or 6.3, but it is "work" to set up and requires multiple public IP addresses. You could do it in PIX 7.0, but 7.0 is supported only on the 515/515E, 525, and 535 for now. You might perhaps mean something different, though: you might be asking how you can have a VPN connection in which the VPN user connects to a resource on the inside of the PIX 501, using the external IP address of the resource instead of the internal IP address. If that is what you are trying to do, then you either need to adjust the crypto map match address ACL and the nat 0 access-list ACL (both). If you are using vpn groups instead of crypto maps, you would need to change the nat 0 access-list ACL, and possibly adjust the "split-tunnel" ACL if you are using one. -- | |||||||||||||
|
Posted by Boban on September 28, 2005, 3:05 pm
Please log in for more thread options Walter Roberson wrote:
Correct.. I want to use my laptop from the internet. Connect through a VPN connection to my PIX501 at home, and then use my tunnel on the VPN connection to go out on the internet through the PIX501 outside IP address. What i can see from your answer that i not possible. :( Thank for you answer | |||||||||||||
| Similar Threads | Posted |
| Howto hit an external ip with VPN | September 27, 2005, 4:11 pm |
| Howto Show RIB and FIB ? | March 18, 2007, 12:21 pm |
| Pix 501 Firewqll config - howto | November 14, 2005, 10:49 am |
| Allow WAN access to LAN server Howto? | August 7, 2006, 6:47 am |
| Re: Cisco 827 IPv6 Configuration Howto | August 1, 2005, 3:12 pm |
| Access outside address from the inside (howto) | April 7, 2008, 9:19 am |
| enable cli command logging howto | December 18, 2009, 5:30 pm |
| HowTo assign DNS Server with "ip local pool" | September 3, 2007, 5:22 am |
| HowTo select the certificate for web-based authentication (HTTPS-cert) | December 6, 2006, 7:10 am |
| Voip Updated Howto,Voip ATT Home (October Update) | October 29, 2006, 9:00 am |
| Voip Updated Howto,Voip AT Home | June 28, 2006, 9:02 pm |
| PIX VPN using external addresses | September 6, 2005, 8:33 pm |
| PIX 515 Switch 8 External IPs | October 24, 2005, 3:37 pm |
| Map external IP as internal IP? | November 3, 2005, 11:08 am |
| PIX with two external Netowrks | January 20, 2006, 9:22 am |
|
Home Cabling GuideFinally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language! Learn More |
> :connection to my Cisco Pix 501.
>
> :The problem is, that i can only hit the external site from my PIX
> :outside ip address .
>
> Sorry, I am not sure exactly what you want to do.
>
> If you want to be able to connect to a PIX 501 through a VPN from
> outside, and have traffic on that VPN able to go out to the internet
> through the outside interface, then that is something that cannot be
> done on the PIX 501.
>
> Several other PIX models make it -possible- in 6.2 or 6.3, but it is
> "work" to set up and requires multiple public IP addresses. You could
> do it in PIX 7.0, but 7.0 is supported only on the 515/515E, 525, and
> 535 for now.
>
>
> You might perhaps mean something different, though: you might be asking
> how you can have a VPN connection in which the VPN user connects to
> a resource on the inside of the PIX 501, using the external IP address
> of the resource instead of the internal IP address. If that is what
> you are trying to do, then you either need to adjust the crypto map
> match address ACL and the nat 0 access-list ACL (both). If
> you are using vpn groups instead of crypto maps, you would need to change
> the nat 0 access-list ACL, and possibly adjust the "split-tunnel" ACL
> if you are using one.