Question : Problem: Cisco 3030 Concentrator/PIX 525 Setup

This question is for all the Cisco gurus...
I trying to find the best practice for running a 3030 Concentrator behind or parellel with a PIX 525.

Our current setup is out-dated. We have 3030 behind 515E with a large private ip subnet... Problems arise with overlapping ip's on site-to-site vpn's. I would like to have the option of using either a private network or register public's for my site-to-site vpn's local network/hosts. In addition, we will have 254 public ip's to use.

Answer : Problem: Cisco 3030 Concentrator/PIX 525 Setup

I'd save your public IP's.

Put the concentrator straight to the outside to deal with the VPN traffic and leave the pix to deal with web and smtp, dns etc.

The 3030 is a serious piece of equipment (we run two 3020's) but we have placed a seperate firewall alongside. Our 525E firewalls have the add-on 4 port card as below.

3020 Sidewinder firewall
\ /
\ /
\ /
sec90 sec0

525E
sec100
|
|
---------------LAN-----------------

We use a class B (172.30.0.0) for aggregation but each site is on its own class C subnet 172.30.x.0 etc)

HTH

Random Solutions

Problem: SATA running in IDE mode.Can't update drivers.

Problem: Does a Linksys WAP4410N Wireless point have DHCP on the unit?

Problem: memory upgrade reccomendation

Problem: Blackberry Server

Problem: USB Flash Drive Not Showing....

Problem: new windows mobile project - linq to data in .net cf?

Problem: ITunes stopped detecting AppleTV

Problem: Modem bank authorizations fail to connect - just constantly redials bank

Problem: Blank Screen on 80GB iPod

Problem: Best ddr3 For asus p5q3 deluxe mo board