PIX - VPN client NAT off inside for LAN and NAT off outside for internet

Unanswered Question
Sep 7th, 2007

I'm trying to setup a pix where vpn users are NATed to 2 address.

Internet traffic to the outside interface (PUBLIC IP) and traffic to LAN NATed to the inside interface.

-----> traffic to the WAN x.x.x.x public IP (outside interface)

<LAN>---<PIX>---<WAN>

<---- traffic to LAN NATed to 192.168.254.254 (Inside interface)

Can someone point me in the right direction?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tstanik Thu, 09/13/2007 - 11:03

If the VPN clients are also terminating on outside interface then you will have to configure one-arm routing or hairpinning (i.e routing the packets out of the same interface from which they came) on PIX. This feature is only supported on PIX running software version 7.x or 8.0.

Actions

This Discussion