From: Chad Hintz (ccie_2b2004@yahoo.com)
Date: Wed Oct 13 2004 - 11:01:08 GMT-3
I believe that is possible but it has to route to that address for all no nat traffic, so if you use another IP add on a seperate interface you have to create a route outside to all remote traffic to tha IP.
ie
accesss-list no-nat permit 10.x.x.x 255.0.0.0 192.169.1.0 255.255.255.0
new int Ip is 2.2.2.2
you would have to create a route outside for the remote network
route outside 192.168.1.0 255.255.255.0 2.2.2.2
Because it default to point to your source IP.
HTH,
Chad
"Casey Paul (IE)" <Paul.Casey@o2.com> wrote:
Hi,
Can I force a PIX to source a vpn tunnel on diffent interface other that
the crypto identify interface. i.e can I create loopback int etc...and
use this a the crypto source or something similar.. ? The VPN's crypto
source address is the outside interface which is a private address and I
dont want to source it off this.
thoughts ?
thanks
/.P
****************************************************************************************
Please note as of 31st March 2004 we will not be accepting any email to
Digifone.com addresses. From this date please send all emails to O2.com.
This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify postmaster@O2.com or
telephone ++ 353 1 6095000.
*****************************************************************************************
This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:47 GMT-3