Is it possible to setup a g2g using a dfl-200 and a PIX? I can have all the users at the remote office connect using the cisco VPN client but I have a DLINK DFL-200 there as well. The users are complaining about the multiple sign in process and they are already using a VPN tunnel to another remote site. I am aware that NAT traversal is not supported on the PIX, is that somehow a problem?
Thanks,
Richard
Hi Richard,
Please explain again. What's a g2g? Do you mean site-to-site connection? And what about NAT traversal. PIX OS 6.3 does support NAT traversal in their IPSec/IKE negotiations.
Erik
Erik, Yes g2g is Gateway to Gateway or SIte to Site. I saw the acronym somewhere.
We are now part of a larger corporation which standardized on the PIX FW. I was told by their sys admin that the VPN tunnel was not working because that particular PIX did not support NAT traversal? I don't see that it would be a problem since the end points are at each gateway.
We have been swapping out old 3com FWs (3cr856) with the DLINK DFL-200 at our remote sites (very small offices). I want to keep the DFL-200s to save money.
Ok. Unless there are ipsec incompatibilities (which have been seen before) the setup should work. One thing your PIX administrator might have problems with is that they're using the same IP address ranges you are using and is not capable of NAT-ing the ranges to overcome this issue.
Erik
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.