[c-nsp] VPN Tunneling question

Graham Wooden graham at g-rock.net
Wed Dec 2 07:55:59 EST 2009


Seems like my other email on Sunday (hairpinning VPN client) probably
answered this as well.  In this case, already have the 525 with the v7.x
code on it.

-graham


On 11/29/09 10:52 AM, "Graham Wooden" <graham at g-rock.net> wrote:

> Hi all,
> 
> I am bringing up a new remote location that is currently being served by a
> DSL line. This site will ultimately be served with my own PtP solution, but
> in the time being and to help with the migration, I want to deploy a
> routable subnet at the location using a VPN solution between two PIX
> firewalls. I drew up a diagram depicting this, and can be found at:
>     http://www.iamforeverme.com/VPN_Issue_diagram.pdf
> 
> Other than the some routing statements that need to be put in at my edge and
> core routers, anything I need to do on the main site's firewall to
> facilitate traffic coming in/out on the outside interface? The 525 is
> currently running v7.0.2.
> 
> I was thinking about doing a GRE tunnel but since I have an extra 506e
> (v6.3.5) that I would just use that and do a IPSEC tunnel to my 525 at my
> main site. I want all the traffic at the remote site to transverse the VPN
> tunnel, since it's source addressing will be a public subnet originating at
> the main site.
> 
> Seems like a common setup, no?  Any thing else I need to consider?
> Thanks all,
> 
> -graham
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list