Cisco Support Community

Public IP to internal over L2L and through a NAT?


Got a tricky situation right now and need some additional brainpower.

We have a PIX515E running 7.2.2.

We have a L2L VPN tunnel to another company where we have our servers.

This works well.

Now, a server at the other company site needs a public IP and has to go through our own PIX and over the L2L tunnel.

Currently we are NAT'ing all traffic to the other company over the L2L. This works well.

Our server has the IP:, and we are giving it a public IP (fake) in my own PIX.

How shall I do the static?

Will it be: static (inside,outside) netmask ?

Considering that our server is really "outside" from my PIX's point of view?

How shall I turn the traffic around and enter the L2L and get NAT'ed towards the server?

I previously made it possible to VPN to our PIX and then be able to work against the servers with NAT'ing.

Then I just had to add another NAT for (outside) and it worked. I've even tried adding another ACL line and permitting any traffic towards Not working though.

Would really appreciate some help :)



Re: Public IP to internal over L2L and through a NAT?

Go through this NAT and Access Lists (Cisco PIX 500 Series Security Appliances Configuration guide) for your configuration. It will help with the configuration.
