Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

PIX Lan-2-Lan with Nat

Recently, we are trying to setup a L2L connection to a vendor. We are in network but the vendor is in subnet. Because the vendor doesn't want to route my network in their network, they want us to translate our subnet ( to before sending into tunnel. We have a PIX dedicated to this vendor with two interfaces (inside and outside) and is running PIX 6.3(4) code. I've set up LAN to LAN VPN in PIX before but I always see a command line NAT 0 which disables NAT.

Which I need to do to accomplish this (enable NAT in L2L VPN) in my PIX?

Local subnet: -> needs to translate to

Issue: Vendor wants us to translate our subnet ( to before sending into tunnel.

Remote Subnet:


Re: PIX Lan-2-Lan with Nat

access-list L2L_NAT permit ip

nat (inside) 5 access-list L2L_NAT

global (outside) 5

your crypto map acl will look like the above acl also.

Keep in mind, the remote side will not be able to reliably initiate connections to your side because of the dynamic NAT situation this creates.

Is this an issue for you?

CreatePlease to create content