Cisco 2811 VPN tunnel With CheckPoint NGX R65

Unanswered Question
Jun 14th, 2010
User Badges:

Hi Guys,

I have setup a tunnel from my Cisco to the customer's checkpoint.

Tunnel comes up at phase 1 and 2.

however they want me to now nat my source network which is onto

meaning on a host oer host basis: to to


My router has IP on fa0/1 and my public ip is on fa0/0

My issue is how do i nat my network onto the network which is not even found on my router?

They need to see my source IP coming from the network.

I also need to to nat then incoming as they will be accessing my services via the network as well.

Can someone shed some light on this please?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
adhar Sat, 06/19/2010 - 07:05
User Badges:

When using nat for your ipsec, you should use the nat'ed ip in the interesting traffic (crypto acl) to trigger the tunnel. Other than that the nat configuraition will be as usual. Hope this helps !


This Discussion