I am looking for design options where I will have an internet router outside then a pix and vpn either next to each other or basically inline. I have seen that both seem reccomended. What are your opinions on this? Thanks!
Hi,
We've configured our pix the following way:
Pix: (eth0) outside, P-t-P to Internet router (eth1) inside, to internal lan (eth2) VPNOutside, to VPN Concentrator outside interface (eth3) VPNInside, to VPN Concentrator inside interface
This way the pix can filter both traffic from the internet to the vpn 3000 as well as traffic from the vpn 3000 to our internal lan. You need some additional interfaces though (or use logical, vlan, interfaces).
Erik
We have the PIX and the 3000 connected directly to a switch that connects to the internet router. That way if traffic gets intense, we don't over-load the PIX.
-Richard
Thanks guys. This is great information. I think that I would like the pix to filter out first, prior to the Concentrator getting the traffic directly from the internet.
Richard Graves wrote:
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.