This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

mixed setup encrypted and unencrypted

Hi all
This is my first Thread on this forum
I have  the followin network setup:

                                   LAN2
                                     |
                                   ASG2
                                     |
LAN1AGS1  CISCOCISCOLAN3
Now on the LAN1 the default gateway of machines are the ASG1, on this have tunnel  to ASG2 -LAN2, by now working fine, but  i need to make unsecure conection to LAN3 from LAN1 and LAN2.
i have created the respectives routes on cisco routers to reach LAN1 and LAN2 but is not reachable, ASG 1 and 2 have strict routing enabled and the comunicatios betwen both is OK, i have permited the network LAN3 on the packet filter of ASG 1 and 2, i tried with nat but no have any comunicatio with  LAN3, i run ping command from machine on LAN3 to external interface of ASG1 and it respond OK but internal not.

I really don't need authenticate any users on ASG i only want to make firewalling on ASG and VPN tunnel betwen the enterprice network througth wirelees network do this i most have purchase a lisence??? i using home user by now

This thread was automatically locked due to age.

0 BAlfson over 16 years ago

If you can ping the external interface of ASG1, then there is no VPN tunnel established between the Cisco and ASG1.

Yes, if you are using Astaro software in a business, you have to buy it. There has been a trade-in available for Cisco Pix - I don't know if it's still available or available in your country.

Here's an example of connecting between three sites that might help you. It assumes that you want to connect Site A and Site C through Site B:

Site A: 192.168.11.0/24
1 Remote Gateway
Remote Gateway: [Public IP Site B]
Remote Networks: 192.168.1.0/24 und 192.168.100.0/24
Local Networks: 192.168.11.0/24

Site B: 192.168.1.0/24
2 Remote Gateways und 2 IPSec connections
Remote Gateway: [Public IP Site A]
Remote Networks: 192.168.11.0/24
Local Networks: 192.168.1.0/24 und 192.168.100.0/24

Remote Gateway: [Public IP Site C]
Remote Networks: 192.168.100.0/24
Local Networks: 192.168.1.0/24 und 192.168.11.0/24

Site C: 192.168.100.0/24
1 Remote Gateway
Remote Gateway: [Public IP Site B]
Remote Networks: 192.168.1.0/24 und 192.168.11.0/24
Local Networks: 192.168.100.0/24

If you want ALL of the traffic from A and C to go to B, make the following changes:

Site A: 192.168.11.0/24
Remote Networks: 0.0.0.0/0

Site C: 192.168.100.0/24
Remote Networks: 0.0.0.0/0

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 enriqueluis over 16 years ago

Hello Balfson
thats OK, sorry my english.
on my before message i not full explain.
I'm not using VPN tunnel between the Cisco and ASG1 (the diagrama has not shown like that i want, because i no see the preview post). realy ASG2 is conected to Cisco, let me show other diagram to be more explicit. All routers cisco not suport tunnel VPN because memory and procesor are too small, i have tried upgrade IOS without success. the vpn tunnel is configured directily from ASG to other pasthrougth the wirelees network and many other routers in the way, some time ago i not have ASG on my network the LAN's are conected to cisco, now i have inserted ASG behid the cisco router and changed ip addres on internal interface on cisco, the corresponding routes on each cisco router.
I have setup VNP tunnel between ASG1 and ASG2 , but on LAN 3 i don't have ASG , and the cisco router not support VPN tunnel, i need have created the corresponding routes on cisco, allowed LAN3 on the packed filter of ASG1 and ASG2, the ciscox and ciscoy is visible one to other.
LAN1
|
ASG1
|
|
cisco
|
|
|wifi
|network
|
|
ciscox CISCOy
Cancel
Vote Up 0 Vote Down

Cancel