-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Then that could pose a security risk. But, to make this work, just connect the public interface on your VPN server into the same physical segment or VLAN, and then the private interface into your private network. That's it. That completely bypasses the PIX. Chris - -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Keith Duckworth Sent: Monday, December 01, 2003 1:54 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: OT: VPN box inside a PIX DMZ Chris: The plan is to use IPSEC. In talking to the vendor, they want to set it up that the VPN has a direct public IP address on the WAN side, not using any NATing. Therefore, I am planning to use our cisco switches and set up a vlan with the PIX and VPN within the same vlan, and the DMZ in a different vlan. So, I guess I don't need to work on the VPN within a DMZ config as of yet. Thanks for the offer, though. Keith - -----Original Message----- From: Chris Lynch [mailto:lynch00@xxxxxxx] Sent: Sunday, November 30, 2003 4:54 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: OT: VPN box inside a PIX DMZ - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What type of VPN is this going to support? PPTP or L2TP/Ipsec? Chris - - -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Keith Duckworth Sent: Friday, November 28, 2003 9:48 AM To: NewsGroup-Thin (thin@xxxxxxxxxxxxx) Subject: [THIN] OT: VPN box inside a PIX DMZ Has anyone set up a VPN hardware box inside a PIX 515 DMZ? I need to have the PIX forward all packets that hit the VPN to a specific server within our private network. I know, I know, the PIX has the capability to do it's own VPN, but I wasn't involved with this configuration, I am supposed to implement it. Mine is not to reason why, mine is just to do.... Sincerely, Keith E. Duckworth <https://www.avis.com/AvisWeb/reservation/ReservationsInitializer?AWD_NUMBER =K563500&LINK_ID=175&AD_ID=upromise2584299974> - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 Comment: Public PGP Key for Chris Lynch. iQA/AwUBP8pm9m9fg+xq5T3MEQKRQwCg8Zhalhka3h8qHGTWlRhGuqAB5hwAnRGz cvUHripcvoVI6T2jwTaf7DBM =VRO/ - -----END PGP SIGNATURE----- ******************************************************** This Week's Sponsor - ThinPrint .Print Server Engine Thinprint can help you save money, protect resources, simplify administration, save time and increase flexibility by solving all of your printing needs. http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm Domains currently for sale by The Kenzig Group http://www.kenzig.com/serv01.htm New Site: Free Weblogs! http://www.blogvortex.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - ThinPrint .Print Server Engine Thinprint can help you save money, protect resources, simplify administration, save time and increase flexibility by solving all of your printing needs. http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm Domains currently for sale by The Kenzig Group http://www.kenzig.com/serv01.htm New Site: Free Weblogs! http://www.blogvortex.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 Comment: Public PGP Key for Chris Lynch. iQA/AwUBP8vA3W9fg+xq5T3MEQKLlwCfeZ+ovKpYxwrV0rmMHVpilQSiJdIAoN80 WJWUjDhNWMIGxu0mN0UDEWHx =1WBb -----END PGP SIGNATURE----- ******************************************************** This Week's Sponsor - ThinPrint .Print Server Engine Thinprint can help you save money, protect resources, simplify administration, save time and increase flexibility by solving all of your printing needs. http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm Domains currently for sale by The Kenzig Group http://www.kenzig.com/serv01.htm New Site: Free Weblogs! http://www.blogvortex.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm