Need Site to Site example with both sides hiding ip's

Unanswered Question
Sep 5th, 2007

Does anyone have a few examples of site to site vpns setup where you need to hide the private ip subnets on both sites. I cant find any good examples using static nat statement etc.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


Here is what I have on my PIX 6.3 going to a customer's Checkpoint. Right now I am the only one able to start up the IPSec VPN tunnel; don't know if I need to change something or they do, so they can initiate the tunnel.

static (inside,outside) netmask 0 0

access-list onion permit ip host host

access-list onion permit ip host host

crypto ipsec transform-set cheese esp-3des esp-sha-hmac

crypto map hotdog 30 ipsec-isakmp

crypto map hotdog 30 match address onion

crypto map hotdog 30 set peer

crypto map hotdog 30 set transform-set cheese

crypto map hotdog interface outside

isakmp key ********** address netmask no-xauth no-config-mode

isakmp identity address

isakmp keepalive 10

isakmp nat-traversal 20

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash sha

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400


This Discussion