Is it possible to NAT VPN traffic to an address that does not exist on either interface.
For example if two sites have overlapping address ranges (say both have an internal network of (1.1.1.x). The outside space between the firewalls are 2.2.2.x, can I nat the interesting traffic to 3.3.3.x?, or does it have to be NAT'd to an address on the outside interface...