[c-nsp] VPN Tunneling question
Graham Wooden
graham at g-rock.net
Sun Nov 29 11:52:16 EST 2009
Hi all,
I am bringing up a new remote location that is currently being served by a
DSL line. This site will ultimately be served with my own PtP solution, but
in the time being and to help with the migration, I want to deploy a
routable subnet at the location using a VPN solution between two PIX
firewalls. I drew up a diagram depicting this, and can be found at:
http://www.iamforeverme.com/VPN_Issue_diagram.pdf
Other than the some routing statements that need to be put in at my edge and
core routers, anything I need to do on the main site's firewall to
facilitate traffic coming in/out on the outside interface? The 525 is
currently running v7.0.2.
I was thinking about doing a GRE tunnel but since I have an extra 506e
(v6.3.5) that I would just use that and do a IPSEC tunnel to my 525 at my
main site. I want all the traffic at the remote site to transverse the VPN
tunnel, since it's source addressing will be a public subnet originating at
the main site.
Seems like a common setup, no? Any thing else I need to consider?
Thanks all,
-graham
More information about the cisco-nsp
mailing list