Cisco pix vpn access

20 pts.
Tags:
Cisco
PIX
VPN
I have 1 main office and 3 remote offices connected by Cisco Pix's. The main server and email server are in the main office. As long as the computers are on the network everything is fine. The main office has a vpn set up for remote users and it works fine. The other offices want this set up as well, but the problem being the mail server is in the main office. When setting up vpn's on the remote routers, they can connect and ping on their local subnets. However, they can not ping across the vpn to the main office. Is it possible to set it up to do this? Basically Working: Remote user-VPN TO MAIN- Main subnet remote user-vpn to remote router-remote subnet Not working Remote user-vpn to remote router-vpn to main - main subnet
ASKED: March 12, 2008  10:41 PM
UPDATED: March 13, 2008  4:17 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Do you have routing setup? At each of the remote offices you need to put routes on the router to the different networks. And vice versa…you need to setup the remote office networks on the router at your main location.

If you have more specific routing questions…let me know.

Here is an example:

Main Office: 192.168.0.x/255.255.255.0
-Router Internal Address – 192.168.0.1

Routes:
route 192.168.1.0 255.255.255.0 192.168.0.100 (New York)
route 192.168.2.0 255.255.255.0 192.168.0.101 (Miami)

New York Office: 192.168.1.x/255.255.255.0
-Router Internal Address – 192.168.1.1
-Router VPN Interface – 192.168.0.100

Routes:
Default

Miami Office: 192.168.2.x/255.255.255.0
-Router Internal Address – 192.168.2.1
-Router VPN Interface – 192.168.0.101

Routes:
Default

If VPN Device is also the router then the default route should be all that is needed. If you have separate devices then you need to set the routes to use the VPN device as the next hop address.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Rowley613
    The vpns are being handled by the router. Here is the setup. Chi 192.168.111.0 ex 12.xxx.xxx.xxx cali 192 .168.1.0 ex 75.xxx.xxx.xxx was 192.168.2.0 ex 70.xxx.xxx.xxx I have default routes set on the outside interfaces to the external address ex. chicago to cali 192.168.1.0 255.255.255.0 75.xxx.xxx.xxx From the routers I can ping across networks fine. If its a computer on the domain I can access anything on any subnet. If its a vpn client I can only access the subnet that the client is vpn'ing to. So if they vpn into the cali router, they cant see anything on the chicago subnet.
    20 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following