Cisco 3.x to PIX vpn with internet via tunnel

Hello and thanks in advance for reading my post.

I currently have a basic setup for client to pix vpn which works good. I am using Cisco 3.x and 4.x clients and ipsec using vpngroup features on a PIX 506E firewall. Again everything works. I have come across a need however to have all internet traffic from the remotes using the client to go out of the firewall they are vpning into. The reason is... because we have a customer we access who has to limit the connection they allow to the IP address of the PIX. So everyone inside our network is fine and can access the customer with no problem. The remote users however, are another story. How can I configure the tunnel to basically "use the remote gateway" for internet traffic?

Any help is greatly appreciated. Again thanks.

J.P. Plante snipped-for-privacy@tech-ii.com

In article , JP Plante wrote: :I currently have a basic setup for client to pix vpn which works good. :I am using Cisco 3.x and 4.x clients and ipsec using vpngroup features :on a PIX 506E firewall. Again everything works. I have come across a :need however to have all internet traffic from the remotes using the :client to go out of the firewall they are vpning into.

You can't do that with a 506E with any supported software version.

You will be able to do it if/when Cisco makes PIX 7.0 available for PIX 506/506E.

: The reason :is... because we have a customer we access who has to limit the :connection they allow to the IP address of the PIX. So everyone :inside our network is fine and can access the customer with no :problem. The remote users however, are another story. How can I :configure the tunnel to basically "use the remote gateway" for :internet traffic?

If your outside router supports VLANs then with the 506/506E (but NOT the 501) if you have spare IP addresses then you can do work-arounds involving VLANs. For more information see

formatting link