From: Torrey Hollar (thollar@xxxxxxxxx)
Date: Tue Jan 11 2000 - 15:14:54 GMT-3
Darrel,
Actually the termination of the interface will still be terminated on the
outside interface. We have a new command that will bypass the NAT to allow
VPN users gain access to the internal private addressing without having to
go to a address in the global pool. this new command it "NAT 0 access-list
xxx in". The access-list can be applied to permit your pool of addresses
you are assigning your VPN clients when they connect to the gateway. This
feature will be supported in version 5.1 which is on software center in
beta now. It should be shipping this month. I'll send you the release
notes and any info I can dig up. The new VPN client 1.1a is also posted on
the software center within the PIX downloads. I recommend using the 1.1a
client.
Good Luck,
Torrey
At 10:52 AM 1/11/00 -0600, Darrel E. Hinshaw wrote:
>All:
>
>
>Have any of you ever terminated a VPN (ISAKMP) tunnel to the inside
>interface of a PIX? I see a note that indicates 5.02 will support this but I
>am unable to find any 5.02 documents to support this. This was not supported
>in 5.01 and prior.
>
>
>Regards,
>
>
>Darrel Hinshaw
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:44 GMT-3