Betr.: [nsp] PIX OS 6.3 and VPN/VPDN
charly at basler.net
charly at basler.net
Mon Jul 12 16:55:23 EDT 2004
Hi
If you don't use static VPN connection you can create
"Split Tunnel" for EasyVPN Users.
:-)
Charly
Am Mon, 12 Jul 2004 12:57:41 -0700 schrieb Tony Mucker
> Message-Id: <40F2ED35.7080300 at tonymucker.com>
> List-Help:
<mailto:cisco-nsp-request at puck.nether.net?subject=help>
> X-Envelope-From: Tony at tonymucker.com
> List-Unsubscribe:
<https://puck.nether.net/mailman/listinfo/cisco-nsp>,
>
<mailto:cisco-nsp-request at puck.nether.net?subject=unsubscribe>
> From: Tony Mucker <Tony at tonymucker.com>
> List-Id: "list for people using cisco in a NSP
\(Network service provider\)
> environment" <cisco-nsp.puck.nether.net>
> X-Accept-Language: en-us, en
> Received: (cpmta 7625 invoked from network); 12 Jul
2004 13:47:48 -0700
> Received: from 204.42.254.5 (HELO puck.nether.net)
> by smtp.c000.snv.cp.net (209.228.32.60) with SMTP;
12 Jul 2004 13:47:48 -0700
> Received: from puck.nether.net (puck.nether.net
[204.42.254.5])
> by puck.nether.net (8.13.0/8.12.9) with ESMTP id
i6CKl5jO004980;
> Mon, 12 Jul 2004 16:47:46 -0400 (EDT)
> (envelope-from cisco-nsp-bounces at puck.nether.net)
> Received: from ex2002.master.kanisa.com
(mail.kanisa.com [67.104.106.36])
> by puck.nether.net (8.13.0/8.12.9) with SMTP id
i6CKl3XI004967
> for <cisco-nsp at puck.nether.net>; Mon, 12 Jul 2004
16:47:03 -0400 (EDT)
> (envelope-from Tony at tonymucker.com)
> Received: from [172.17.1.46] ([172.17.1.46]) by
ex2002.master.kanisa.com with
> Microsoft SMTPSVC(5.0.2195.5329); Mon, 12 Jul 2004
12:57:44 -0700
> Date: Mon, 12 Jul 2004 12:57:41 -0700
> User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502)
> Content-Type: text/plain; charset=ISO-8859-1;
format=flowed
> Errors-To: cisco-nsp-bounces at puck.nether.net
> List-Post: <mailto:cisco-nsp at puck.nether.net>
> X-Mailman-Version: 2.1.5
> X-Received: 12 Jul 2004 20:47:48 GMT
> Subject: [nsp] PIX OS 6.3 and VPN/VPDN
> X-Beenthere: cisco-nsp at puck.nether.net
> List-Subscribe:
<https://puck.nether.net/mailman/listinfo/cisco-nsp>,
>
<mailto:cisco-nsp-request at puck.nether.net?subject=subscribe>
> Precedence: list
> Delivered-To: basler.net%charly at basler.net
> Return-Path: <cisco-nsp-bounces at puck.nether.net>
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> To: cisco-nsp at puck.nether.net
> Sender: cisco-nsp-bounces at puck.nether.net
> List-Archive:
<https://puck.nether.net/pipermail/cisco-nsp>
> X-Originalarrivaltime: 12 Jul 2004 19:57:44.0473 (UTC)
> FILETIME=[7F3C1890:01C4684A]
>
> Hello again everyone,
>
> I've almost got my PIX completely integrated into my
> new environment (it
> replaced a a Checkpoint FW1 that was sadly out of
date).
>
> The last step comes this Friday, when I switch my
users
> over to the new
> VPN set up on the PIX. I've got both VPDN (for MS
> PPTP) and the
> VPNGROUP (for the Cisco Clients) configured. However,
> using either
> connection, my users can get inside the network fine,
> but they can't get
> out (to the regular internet).
>
> Two questions:
>
> 1) How do I set up the VPN configs to allow them
> access to the outside
> world while VPN'd in? Is this something handled on
the
> client side?
>
> 2) Is it possible for the client/PIX to send all
> traffic not destined
> for the internal side through the client's LAN
gateway?
> I only have a
> T1, and it's already abused as it is.
>
> Thanks again
> Tony
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
This e-mail may contain confidential and/or privileged
information. If you are not the intended recipient (or
have received this e-mail in error) please notify the
sender immediately and delete this e-mail. Any
unauthorised copying, disclosure or distribution of
the material in this e-mail is strictly forbidden
More information about the cisco-nsp
mailing list