Pix VPN and routing

- C
- Christoph Gartmann
  
  Contact options for registered users
posted
18 years ago

Fri, Aug 26, 2005 6:26 PM

Hello,

the following scenario:

computer Internet Pix Inside LAN

"computer" has some arbitrary IP address and Cisco's VPN client. The Pix serves as a VPN gateway. Things are working so far but only if we add a routing statement for the route to "computer". What we would like to have is: all arriving encrypted traffic should be decrypted and then forwarded to the inside interface. On the other way, packets arriving at the inside interface for encryption should be sent towards the outside interface after encryption. How does one achieve this?

Pix 515 with software 7.0(1).

Regards, Christoph Gartmann

- L
- Lutz Donnerhacke
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Aug 26, 2005 6:27 PM

Use L2TP via VPN.

- C
- Christoph Gartmann
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sat, Aug 27, 2005 12:52 AM

May I ask what L2TP is?

Regards, Christoph Gartmann

- W
- Walter Roberson
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sat, Aug 27, 2005 1:57 AM

:>Use L2TP via VPN.

:May I ask what L2TP is?

Layer 2 Tunneling Protocol, which runs on top of IPSec. L2TP is useful if you want to be able to have a layer 2 connection between two locations instead of a layer 3 connection -- but since the PIX in question has 7.0 software, there's a layer 2 transparent firewall feature available.

I haven't reviewed the details of the original question, but my first thought is that L2TP doesn't look appropriate for the situation.