[THIN] Re: OT: VPN box inside a PIX DMZ

• From: "Chris Lynch" <lynch00@xxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Mon, 1 Dec 2003 14:29:49 -0800

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Then that could pose a security risk.  But, to make this work, just connect
the public interface on your VPN server into the same physical segment or
VLAN, and then the private interface into your private network.  That's it.
That completely bypasses the PIX.

Chris

- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Keith Duckworth
Sent: Monday, December 01, 2003 1:54 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: VPN box inside a PIX DMZ

Chris:

The plan is to use IPSEC.  In talking to the vendor, they want to set it up
that the VPN has a direct public IP address on the WAN side, not using any
NATing.  Therefore, I am planning to use our cisco switches and set up a
vlan with the PIX and VPN within the same vlan, and the DMZ in a different
vlan.  So, I guess I don't need to work on the VPN within a DMZ config as of
yet.

Thanks for the offer, though.


Keith

- -----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Sunday, November 30, 2003 4:54 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: VPN box inside a PIX DMZ

 
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What type of VPN is this going to support?  PPTP or L2TP/Ipsec?

Chris 

- - -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Keith Duckworth
Sent: Friday, November 28, 2003 9:48 AM
To: NewsGroup-Thin (thin@xxxxxxxxxxxxx)
Subject: [THIN] OT: VPN box inside a PIX DMZ

Has anyone set up a VPN hardware box inside a PIX 515 DMZ?  I need to have
the PIX forward all packets that hit the VPN to a specific server within our
private network.
 
I know, I know, the PIX has the capability to do it's own VPN, but I wasn't
involved with this configuration, I am supposed to implement it.
 
Mine is not to reason why, mine is just to do....
 


Sincerely, 
  
Keith E. Duckworth
<https://www.avis.com/AvisWeb/reservation/ReservationsInitializer?AWD_NUMBER
=K563500&LINK_ID=175&AD_ID=upromise2584299974>  

 

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Public PGP Key for Chris Lynch.

iQA/AwUBP8pm9m9fg+xq5T3MEQKRQwCg8Zhalhka3h8qHGTWlRhGuqAB5hwAnRGz
cvUHripcvoVI6T2jwTaf7DBM
=VRO/
- -----END PGP SIGNATURE-----

********************************************************
This Week's Sponsor - ThinPrint .Print Server Engine Thinprint can help you
save money, protect resources, simplify administration, save time and
increase flexibility by solving all of your printing needs.
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
Domains currently for sale by The Kenzig Group
http://www.kenzig.com/serv01.htm New Site: Free Weblogs!
http://www.blogvortex.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - ThinPrint .Print Server Engine Thinprint can help you
save money, protect resources, simplify administration, save time and
increase flexibility by solving all of your printing needs.
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
Domains currently for sale by The Kenzig Group
http://www.kenzig.com/serv01.htm New Site: Free Weblogs!
http://www.blogvortex.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Public PGP Key for Chris Lynch.

iQA/AwUBP8vA3W9fg+xq5T3MEQKLlwCfeZ+ovKpYxwrV0rmMHVpilQSiJdIAoN80
WJWUjDhNWMIGxu0mN0UDEWHx
=1WBb
-----END PGP SIGNATURE-----


********************************************************
This Week's Sponsor - ThinPrint .Print Server Engine
Thinprint can help you save money, protect resources, 
simplify administration, save time and increase 
flexibility by solving all of your printing needs.
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
Domains currently for sale by The Kenzig Group
http://www.kenzig.com/serv01.htm
New Site: Free Weblogs!
http://www.blogvortex.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

• References:
  • [THIN] Re: OT: VPN box inside a PIX DMZ
    • From: Keith Duckworth

Other related posts:

• » [THIN] OT: VPN box inside a PIX DMZ
• » [THIN] Re: OT: VPN box inside a PIX DMZ
• » [THIN] Re: OT: VPN box inside a PIX DMZ
• » [THIN] Re: OT: VPN box inside a PIX DMZ
• » [THIN] Re: OT: VPN box inside a PIX DMZ

1. Home
2. thin
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---