Hi folks,
I have a PIX 501 with a public IP on the outside interface. I want to set up 2 VPNs to 2 other companies' VPN devices or using the Cisco VPN client; both would connect to the outside interface. If I do this, will clients on both the companies' VPNs be able to talk to each other? I'm thinking of the rule "pix can't route traffic back through the same interface it came in on", or does this rule not apply when we're talking about VPNs?
Company1   Company2
    |     /
   Public IP
      PIX
If it did apply, then could I have 2 PIX 501s: one PIX (pix1) with the outside interface mapped to a public IP and another PIX (pix2) with the outside interface mapped to an internal IP but NAT'd to a public IP (NATing would be done by pix1)? One of my VPNs could terminate at pix1 and the other at pix2. This would ensure traffic travelled over both interfaces of pix1.
Company1
    |
Public IP
Pix1
Internal IP
    |
Internal IP (nat'd to public IP) - Company 2
Pix2
Surely there would be an easier way to do this? If you can recommend any other way or any other device rather than a PIX, then let me know. Also, don't worry about security between company 1 and 2; I'm just using these as easy-to-follow examples.
Any help would be gratefully received.
Cheers,
Dave