[nsp] PIX fully mesh
Charlie Winckless
charliew at netarch.com
Fri Dec 5 11:08:18 EST 2003
>
> Dear all,
>
> maybe sombody can help me. I am running a VPN with 30 506E
> hub and spoke to
> a 515.
> My vendor told me that in a hub and spoke config, connections
> between the
> branch offices (506E)
> are not possible, only connections to the hub site (515).
> Cisco plans to
> implement this Q3/04 starting
> with release 7.x
>
They're going to fix it? I can't decide if that's good
or bad, since one of the primary tricks with the PIX is
that the traffic won't go in and out the same interface
at all...
> My question :
>
> Is there a tool to automate configs, push the config to the
> pix, and verify
> the tunnels ?
> Is CW able to do this ?
I have a customer using CSPM to do this. It's not exactly
a wonderful solution, unfortuately. I haven't tried to use
VMS to do it.
Another option might be (at a similar price) to centralise
your tunnels on a router at the head end and do hub and spoke
that way?
--
Charlie Winckless, CCIE #7331 | |
Senior Consulting Engineer | |
Network Architechs ||| |||
u: http://www.netarch.com .|||||. .|||||.
e: charliew at netarch.com .:|||||||||:.:|||||||||:.
p: (505) 256-9047 x144 Cisco Systems Partner
f: (505) 256-9091 Silver Certified
PGP: 09DE 5C1A 6984 01C4 152F 3ED0 CAED 17A1 C07A 7E5C
-----------------------------------------------------------
More information about the cisco-nsp
mailing list