Pix 501
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||
|
Posted by RG on May 17, 2008, 10:52 pm
Please log in for more thread options 1. Can I define the inside network to be on 192.168.0.0 subnet? 2. Can I do this? | | machine A interface 192.168.3.9 || --------------- || port 0 of PIX router|| and | | machine B interface 192.168.4.4 || ----------------- || port 1 of PIX router|| If everything above is yes, when connected to via vpn, will pix router know to route ip 192.168.4.4 via port 1? Thanks in advance | ||||||||||||||||
|
Posted by Walter Roberson on May 17, 2008, 11:41 pm
Please log in for more thread options >My vpn ip address pool is 192.168.4.100 - 192.168.4.200.
>1. Can I define the inside network to be on 192.168.0.0 subnet?
Yes. >2. Can I do this? | | machine A interface 192.168.3.9 || ---------------
>|| port 0 of PIX router|| > and | | machine B interface 192.168.4.4 >|| ----------------- || port 1 of PIX router|| Yes; however, machine B will likely not be reachable over any VPN that gets its address from the vpn IP address pool. >If everything above is yes, when connected to via vpn, will pix router know
>to route ip 192.168.4.4 via port 1? Probably not, but sometimes it works even though it really should not. Your VPN ip address pool should be an IP range that is not in the same subnet as your inside interface, so that your inside hosts will know they have to route to the VPN hosts instead of trying to connect to them directly over the local LAN. | ||||||||||||||||
