Vpn Pix1(inside) to Pix2(dmz)

Unanswered Question
Feb 14th, 2008
User Badges:

Hi all,

I created a vpn site to site, from inside(192.168.10.0) of pix1 to dmz(192.168.177.0) of pix2, all working well, but i need a communication from 192.168.10.0 to an host 10.0.0.x of the inside of pix2.


i nat the:


static (inside,dmz) 192.168.177.88 10.0.8.88 netmask 255.255.255.255 0 0



but dont work, i had already a full permit acl,

any idea?


Ty in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Thu, 02/14/2008 - 08:07
User Badges:
  • Green, 3000 points or more

First add this as interesting traffic..


pix 1

access-list permit ip 192.168.10.0 255.255.255.0 host 10.0.0.x


pix 2

access-list permit ip host 10.0.0.x 192.168.10.0 255.255.255.0


Then add to nat 0 acl...


pix 1

access-list permit ip 192.168.10.0 255.255.255.0 host 10.0.0.x


pix 2

access-list permit ip host 10.0.0.x 192.168.10.0 255.255.255.0

nat (inside) 0 access-list


Actions

This Discussion