Chapter 7. Troubleshooting IPsec VPN on PIX Firewalls
Virtual Private Network (VPN) implementation on the PIX Firewall is very similar to the IOS Router with a few exceptions. This chapter examines the difference in detail and explores both LAN-to-LAN and Remote Access VPN implementations and troubleshooting using IP Security Protocol (IPsec) on the PIX Firewall. The discussion of this chapter is based on PIX Firewall version 7.0. The same code which runs on ASA 5500 Series Appliances has some additional VPN features (for example, secure sockets layer [SSL] VPN), and will not be discussed in this chapter, as these features are not available on the PIX firewall platforms. The case study section contains a new feature called Hairpinning, which allows the PIX firewall to act as a hub for both VPN clients and other VPN peers such as the IOS Router, PIX firewall, and so on.