Easy VPN Remote Client Mode
NOTE The NAT/PAT translations and access control list (ACL) configurations created by
the Easy VPN Remote feature are not written to either the startup configuration or the
running configuration. You can view these configurations, however, using the show ip nat
statistics and show access-list commands (or the show vpnclient detail on the Security
Appliance) when the configuration is active.
VPINn tTerunnentel
Visible IP
Address at
VPN Server
PAT
10.20.10.2
192.168.10.1
192.168.10.10 192.168.10.11
10.10.10.0/24
PIX Firewall 525
(Easy VPN Server)
PIX 501/506
(Easy VPN Remote)
418 Chapter 14: Configuring Access VPNs
Network Extension Mode
In network extension mode, all SOHO PCs connected to the Easy VPN Remote device are
uniquely addressable by the VPN tunnel. This allows devices to connect directly to PCs
behind the Easy VPN Remote device. Figure 14-4 illustrates the Easy VPN Remote network
extension mode. The remote client hosts are assigned IP addresses that are fully routable by
the destination network through the tunnel.