My configuration is such that my 3005 sits in the DMZ of my PIX. I am creating a L2L VPN with a business partner.
The partner has requested NO RFC1918 through the tunnel. Thus I need to NAT the FTP host that this partner will access. This FTP host is in my internal 172.20.x.x network.
I am confused as to where I should perform the NAT. On the PIX or on the 3005 or both.
The connection layout is:
Internet to Public on PIX
3005 to DMZ on PIX
Both PIX and 3005 have Private Interfaces to my network.
My gut is telling me the NAT should be on the PIX but I am letting the L2L confuse me on how it should all work.
Any assistance would be appreciated.