When a remote access VPN user connects into my PIX, I want to allow said user to traverse to a router (through another interface on the firewall) but hide the pool addresses. Is this possible?
What if the user came into me via a site-to-site tunnel, could this work as well?
My reason is simplicity (and security): I don't want the router to see the users' LAN addresses (in the case of site-to-site) or the assigned pool addresses. My intention is to overload to the outgoing interface's address. I'm using PIX 6.
Thanks in advance.