Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Can I configure a PIX-to-PIX LAN-to-LAN Tunnel with the same Subnets on both sides?

How can I configure the same such as the config example for Routers over NAT.

I need the NAT settings on the PIXes.

2 REPLIES
Anonymous
N/A

Re: Can I configure a PIX-to-PIX LAN-to-LAN Tunnel with the same

No you cannot have the same subnet on both sides of the VPN tunnel.

You will need to use NAT.

The best suggestion is to add another interface to both pixes and terminate the VPN tunnel to that interface.

This way you can use on PIX A - static(inside,vpn) 172.16.1.0 255.255.255.0 10.1.1.0 255.255.255.0 and on PIX B - static (inside,vpn) 172.17.1.0 255.255.255.0 10.1.1.0 255.255.255.0.

This way users behind PIX A see the remote network as 172.17.1.x and the people behind PIX B sees the A network as 172.16.1.x.

This would be the only way to make it work properly.

Cisco Employee

Re: Can I configure a PIX-to-PIX LAN-to-LAN Tunnel with the same

With PIX 6.2 bidirectional nat, this could now be done, see:

http://www.cisco.com/warp/public/707/vpn_pix_private.html

219
Views
0
Helpful
2
Replies
CreatePlease to create content