02-15-2007 01:31 PM - edited 02-21-2020 01:24 AM
I have what I am hoping someone has successfully accomplished before. In one state I have a PIX 501 firewall, and in another I have a 2801 and behind that is a 2611. The 2611 has a 10.x.x.x network and a 192.168.x.x network on it. The 10 network connects to the 2801 via f0/1, and the 192 interface connects to a third party firewall, a sonic I believe. In order to create the IPSEC tunnel I have a 1:1 nat translation on the F0/0 interface that maps a public IP to the private IP on the 2611. In this setup IPSEC works OK, but there is a monkey wrench thrown in here that has created a real snafu. Voip runs over this interface, which for the 10,x,x,x network is not a problem, but what is a problem is there are desktop appications, and access to the CCMuser pages from the 192.168 network and also two IP communicators on the 192.168 network. In order for them to work I need NAT on the 2611, by itself works fine, but when I enable nat on the 2801, breaks the voice for the IP communicators. I need some solution to this as I have run out of ideas.
When I look at the registration for the CIPC, I am seeing the public ip address that is mapped to the 10 address. How vcan I stop the ip of the 2611 from being transalated for the CIPC, if I can solve that I think I can have this all working.
02-21-2007 01:28 PM
This problem is due to the static translation change. This problem caould be solved by clearing the address translations with the comand " clear translarions.
02-21-2007 01:48 PM
I figured it out and got it working. It was mainly the PIX where the problem was at. Thanks anyway.
02-21-2007 01:58 PM
This problem is due to the static translation change. This problem caould be solved by clearing the address translations with the comand " clear translarions.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: