RE: [fw-wiz] PIX to Router IPSec

From: Shirley, David (
Date: 06/09/04

  • Next message: Vinicius Moreira Mello: "RE: [fw-wiz] VLAN Security"
    To: <>, <>
    Date: Wed, 9 Jun 2004 13:45:52 +1000

    Hi Tony,

    Not sure if anyone has helped you with this but my advise is as follows:

    Forget about the router with the 2 public IP's - just so long as it will
    permit IPSEC traffic through it to the PIX it will be fine.

    Basically you are setting up a VPN tunnel from PIX to PIX - if you need
    help with conf's check out there are many PIX -> * VPN example

    You can go PIX->router but you need to work out what is *best* for you -
    ie who will be using the VPN? Clients behind the PIX or clients behind
    the router? If it's clients behind the PIX I would terminate the VPN at
    the PIX rather than the router!


    David Shirley
    Telstra InterNetworking Solutions
    INS Firewall Team
    Phone: (03) 86615977
    Mobile: 0417020119

    > -----Original Message-----
    > From: []
    > Sent: Tuesday, 8 June 2004 9:18 AM
    > To:
    > Subject: [fw-wiz] PIX to Router IPSec
    > Need some advice on the following:
    > I'm going to establish a PIX to Router IPSec tunnel between two
    > The PIX has a public IP and a private IP, and the router has two
    > IPs.
    > I'm having trouble wrapping my mind around this. Since the router has
    > public IPs, I will need to pass the traffic to another PIX that sits
    > behind the router, since that second PIX has a public IP and a private
    > Is this making any sense? Or is what I'm trying to do not possible?
    > worse comes to worse, I can just go from PIX to PIX.
    > Thanks
    > Tony
    > _______________________________________________
    > firewall-wizards mailing list
    firewall-wizards mailing list

  • Next message: Vinicius Moreira Mello: "RE: [fw-wiz] VLAN Security"