| View Question |
|
|
 | ||
|
| Subject:
Advanced Cisco pix 525 v6.3.5 site-to-site VPN with inside AND DMZ
Category: Computers > Security Asked by: networksecurity-ga List Price: $200.00 |
Posted:
17 Mar 2006 07:11 PST
Expires: 17 Mar 2006 10:05 PST Question ID: 708366 |
This is an extremely specific, extremely advanced question about VPN tunnels between 2 cisco pix 525 firewalls each running software version 6.3.5 I want to create a site to site vpn between 2 offices, lets call them Office A and Office B. Each office has an inside zone and a DMZ zone. I need the vpn to be created with the following requirements: Connectivity Requirements: Inside of Office A can access BOTH inside and DMZ of Office B DMZ of Office A can ONLY access DMZ of Office B and NOT inside of Office B Inside of Office B can access Both inside and DMZ of Office A DMZ of Office B can ONLY access DMZ of Office A and not inside of Office A Inside of Office A can access DMZ of Office A Inside of Office B can access DMZ of Office B DMZ of Office A CANNOT access Inside of Office A DMZ of Office B CANNOT access Inside of Office B Specifics Office A: pix outside interface: 99.99.99.99 pix DMZ interface: 10.10.1.1/16 pix inside interface: 172.20.1.1/24 Office B: pix outside interface: 100.100.100.100 pix DMZ interface: 10.11.1.1/16 pix inside interface: 172.21.1.1/24 What I am looking for is an EXACT configuration to create the above: use isakmp preshared keys, you can pick any kind of isakmp encryption policy I dont care. The issue I am most concerned about is how you do the natting or no natting to get the Connectivity Requirements to work. |
| ||
|
| There is no answer at this time. |
| ||
|
| There are no comments at this time. |
If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you. |
| Search Google Answers for |
| Google Home - Answers FAQ - Terms of Service - Privacy Policy |