cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
255
Views
0
Helpful
1
Replies

PIX - VPN client NAT off inside for LAN and NAT off outside for internet

vlupo
Level 1
Level 1

I'm trying to setup a pix where vpn users are NATed to 2 address.

Internet traffic to the outside interface (PUBLIC IP) and traffic to LAN NATed to the inside interface.

-----> traffic to the WAN x.x.x.x public IP (outside interface)

<LAN>---<PIX>---<WAN>

<---- traffic to LAN NATed to 192.168.254.254 (Inside interface)

Can someone point me in the right direction?

1 Reply 1

tstanik
Level 5
Level 5

If the VPN clients are also terminating on outside interface then you will have to configure one-arm routing or hairpinning (i.e routing the packets out of the same interface from which they came) on PIX. This feature is only supported on PIX running software version 7.x or 8.0.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: