 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
10 messages in net.nether.puck.cisco-nsp[c-nsp] PIX OS 7.0 and PIX520, suppor...| From | Sent On | Attachments |
|---|---|---|
| Brian Feeny | Jan 25, 2005 12:29 pm | |
| Chris Cappuccio | Jan 26, 2005 4:32 am | |
| Gert Doering | Jan 26, 2005 5:22 am | |
| Joe Maimon | Jan 26, 2005 5:54 am | |
| Rodney Dunn | Jan 26, 2005 9:06 am | |
| Brian Feeny | Jan 26, 2005 10:29 am | |
| Sean Granger | Jan 26, 2005 10:35 am | |
| Hudson Delbert J Contr 61 CS/SCBN | Jan 26, 2005 10:55 am | |
| Chris Cappuccio | Jan 26, 2005 1:07 pm | |
| Brian Feeny | Jan 26, 2005 2:24 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | [c-nsp] PIX OS 7.0 and PIX520, supported? | Actions... |
|---|---|---|
| From: | Sean Granger (sgra...@randfinancial.com) | |
| Date: | Jan 26, 2005 10:35:51 am | |
| List: | net.nether.puck.cisco-nsp | |
Excellent news.
And Brian, Gert ... I believe it's called 'sarcasm' ... ;)
Brian Feeny <signal at shreve.net> 01/26/05 09:25AM >>>
On Jan 26, 2005, at 3:33 AM, Chris Cappuccio wrote:
You mean forwarding a packet back out the same interface it was received on?
No I don't. I mean, terminating tunnelA to the PIX, and then terminating tunnelB to the PIX, and then allowing A and B to talk. This is what VPN Concentrators can do, that PIX's can't (well, one thing anyways). Its very useful in some situations.
Nope, ok, you have to buy a ROUTER for that. It ROUTES packets, see. (Never mind the dynamic or static route options that the PIX provides, it's just a firewall, for christ's sake!) So, go ahead and buy a Cisco(R) ROUTER to put in front of your PIX.
Seriously, you don't have to break it down :) "Hairpinning" when talking about VPN's has a different meaning. Although even "hairpinning" of VPN's does require routing.
Perhaps you could ask the engineers to spend the hundreds or thousands of hours it would require to implement this extensive feature on to the existing software. It might be a complicated endeavor, rivaled by the engineering of the rock-solid 2800 series, or perhaps even the Space Shuttle, but I bet they can get it done.
Turns out Hairpinning IS supported in 7.0 (Hairpinning of VPN tunnels), just like I had a hunch it would.
While I'm at it, I'm going to send you a bill for the time I took to write this, and I have a fourty hour minimum. No, four hundred hours...Yeah, that's the ticket... Four hundred hour minimum...
?
Brian
Brian Feeny [signal at shreve.net] wrote:
Does anyone know if Cisco will support the 520 with PIX OS 7.0?
Anyone know if 7.0 is going to support hairpinning of VPN tunnels?
Brian
----------------------------------------------------------------------
--
------ Brian Feeny, CCIE #8036, CISSP e: signal at shreve.net Network Engineer p: 318.213.4709 ShreveNet Inc. f: 318.221.6612
_______________________________________________ cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
-- The past cannot be changed. The future cannot be guaranteed.
_______________________________________________ cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/