Hey Experts -
I am having trouble figuring out how to set up a simple Pix-to-Pix VPN (both 501s with 6.3 and 3DES). I have a co-lo with one PIX, and my office with the other. Each PIX has its own LAN address.
Co-Lo: 10.1.1.x (fixed external IP)
Office: 10.1.0.x (dynamic external IP)
Each PIX acts as a gateway for its own LAN and can connect its respective LAN to the web without any trouble at all.
What I would REALLY like to do is build a 3DES VPN tunnel between these PIXes, and be able to transparently ping hosts on the peer's LAN as if they were all local. In other words, I would like to be able to ping 10.1.1.10 from the office LAN and get responses back as if it was all on the local LAN, ya know? Obviously, ICMP is not the only thing I need, but you get the idea - the routing has to just WORK. Simultaneously, each PIX should route traffic NOT destined for its peer's LAN directly to the Internet.
Is this possible? If so, is anybody willing to give me a 5 minute lesson on how to set it up? Please note that the office PIX has a DYNAMIC routable address. Also, you should know that the co-lo PIX already has a PPTP VPN set up on it that works perfectly for SOHO users of our network. Man, it would be great if I could use the PDM to configure it all.
Thanks in advance for your help!