Vpn Pix1(inside) to Pix2(dmz)

rick_ikari_2 · ‎02-14-2008

Hi all,

I created a vpn site to site, from inside(192.168.10.0) of pix1 to dmz(192.168.177.0) of pix2, all working well, but i need a communication from 192.168.10.0 to an host 10.0.0.x of the inside of pix2.

i nat the:

static (inside,dmz) 192.168.177.88 10.0.8.88 netmask 255.255.255.255 0 0

but dont work, i had already a full permit acl,

any idea?

Ty in advance

acomiskey · ‎02-14-2008

First add this as interesting traffic..

pix 1

access-list permit ip 192.168.10.0 255.255.255.0 host 10.0.0.x

pix 2

access-list permit ip host 10.0.0.x 192.168.10.0 255.255.255.0

Then add to nat 0 acl...

pix 1

access-list permit ip 192.168.10.0 255.255.255.0 host 10.0.0.x

pix 2

access-list permit ip host 10.0.0.x 192.168.10.0 255.255.255.0

nat (inside) 0 access-list