Hopefully someone can confirm this is possible.
I have a PIX 525 running v7.2 and it terminates several Site-To-Site VPNs with other organisations who then use services hosted on a DMZ. That all works fine.
I'm connecting up another organisation who cannot route to private address space down a VPN at their end. That causes a problem, because the address they need to contact down the VPN is a private one.
So is it possible to do a NAT to one of our Internet addresses on the outside of the PIX, but still have them access it over the VPN?
There doesn't seem to be an equivalent config on the Cisco support examples and I've checked the Wiki, but couldn't find anything that matches this scenario.