[c-nsp] pix bizarre vpn issue
Eric Girard
egirard at focustsi.com
Thu Nov 16 10:52:09 EST 2006
Alex,
Do you have the appropriate NAT exemptions on the DMZ interface?
That is what got me the first time I tried to do this.
Eric
Eric Girard
Systems Engineer
Focus Technology Solutions Inc.
http://www.focustsi.com
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Alexandre Durand
Sent: Thursday, November 16, 2006 8:57 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] pix bizarre vpn issue
Hi,
i m being established a vpn tunnel between two pix (515--> 501). If i
configure the vpn tunnel with the encryption domain 10.5.10.0/24 ---
10.5.245.0/24, it works perfectly. However if i use the encryption
domain 194.42.../27 -- 10.5.245.0/24, it doesn t work !! 194.42.../27
range belongs to a puclic network
in fact 194.42.../27 is dmz
Can we establish a vpn tunnel with encyption domain public(dmz)--private
?
Alex
--
Alexandre Durand
Edge Network Engineer
A: The Cloud Networks Ltd
54 Bartholomew Close
EC1A 7RY
M: 0770 291 1805
W: www.thecloud.net
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list