[VPN] Question for site to site VPN

Dana J. Dawson djdawso at qwest.com
Fri Mar 21 18:24:12 EST 2003

Since you have to use access-lists as part of the VPN configuration to 
define all the hosts and/or networks at each end of each tunnel, if you 
configure all the VPN tunnels with the database server as the only local 
host, then it will do what you want.  The PIX should be fine for this, 
assuming you don't otherwise exceed its VPN capacity.




Dana J. Dawson                     djdawso at qwest.com
Senior Staff Engineer              CCIE #1937
Qwest Communications               (612) 664-3364
600 Stinson Blvd., Suite 1S        (612) 664-4779 (FAX)
Minneapolis  MN  55413-2620

"Hard is where the money is."

Roger Qian wrote:
> Hi All,
> We're a hotel service provider. If we setup a site to site VPN system with
> our customers how to keep the privacy for each customer on the VPN system.
> We only need each customer to talk to a database server in our end only and
> no talk between any customers.  We have a existing PIX 515UR firewall, do we
> need to buy a dedicated Cisco device to act as a VPN gateway?
> Thanks in advance.
> Roger
> _______________________________________________
> VPN mailing list
> VPN at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn

More information about the VPN mailing list