RE: [fw-wiz] VPN Design - is it possible
- From: "Paul Melson" <pmelson@xxxxxxxxx>
- Date: Thu, 22 Dec 2005 09:42:51 -0500
-----Original Message-----
Subject: [fw-wiz] VPN Design - is it possible
> My question is : is it possible to have 2 separate VPN connection to the
same SITE ( looking
> from B,C,D,E point of view - they would see the LAN behind SITE A using 2
separate IPSec
> tunnels)? Has anyone done or seen anything similar? Do you have a better
plan using the
> given, options??
You cannot have two tunnels on a single PIX that have the same crypto map
match access-list. However, if I understand your diagram correctly, you
shouldn't need to do this. You should be able to configure the two external
routers at Site A to create a redundant path to one of the firewalls there.
More here:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration
_example09186a008052d450.shtml#diag
If you need device failover for the firewalls at Site A, you're going to
have to upgrade to 515's or better.
PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] VPN Design - is it possible
- From: Julian M D
- [fw-wiz] VPN Design - is it possible
- Prev by Date: SV: [fw-wiz] VPN Design - is it possible
- Next by Date: RE: [fw-wiz] VPN Design - is it possible
- Previous by thread: [fw-wiz] VPN Design - is it possible
- Next by thread: RE: [fw-wiz] VPN Design - is it possible
- Index(es):
