We would like to set up a VPN in such a way that remote users can VPN into the network and use their workstations as if they were on the LAN.
Currently, I have set up the VPN IP pools for private addressing. When I establish a VPN connection to our PIX 515, I can access resources within the LAN, but I cannot access anything outside of the LAN, most likely because I have used a non-routable IP.
I was hoping that NAT would do the trick to translate the private IP to a spare IP on our subnet. I cannot find a way to do this because the PIX considers VPN traffic as coming in on the outside interface. When I try to access resources outside our LAN, the PIX denies the traffic with a "Deny inbound (no xlate) tcp src outside:192.168.1.1/1053 dst outside:100.100.100.100/137".
How can I set up an outside-outside NAT like this? Or what am I doing wrong here?
I don't have the exact config, so this may be off target, but...
If you're using the Cisco software client, you want to enable split tunneling. This will allow tunnel-bound traffic to use the tunnel, but the client's "local net" traffic will not. This works for us with the PIX locked down and VPN tunnels established to a VPN 3015 concentrator.
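To connect the denied flow in the question with the split-tunneling suggestion in the reply, here is an added example (not code from either poster): it parses the quoted PIX message, checks whether the flow is a VPN-pool client hairpinning on one interface, and models the client-side path choice with and without a split-tunnel network list. The function names, the `192.168.1.0/24` pool (assumed from the source address in the log) and the `10.10.0.0/16` LAN prefix are assumptions.

```python
import ipaddress
import re

# Matches the PIX message text quoted in the question.
DENY_RE = re.compile(
    r"Deny inbound \(no xlate\) (?P<proto>\w+) "
    r"src (?P<sif>[\w-]+):(?P<sip>[\d.]+)/(?P<sport>\d+) "
    r"dst (?P<dif>[\w-]+):(?P<dip>[\d.]+)/(?P<dport>\d+)",
    re.IGNORECASE,
)

def parse_deny(line):
    """Return the flow fields of a 'Deny inbound (no xlate)' line, or None."""
    m = DENY_RE.search(line)
    return m.groupdict() if m else None

def is_hairpin(flow, vpn_pool):
    """True when a VPN-pool client's traffic enters and would leave on the same interface."""
    same_interface = flow["sif"] == flow["dif"]
    from_pool = ipaddress.ip_address(flow["sip"]) in ipaddress.ip_network(vpn_pool)
    return same_interface and from_pool

def client_path(dst_ip, split_networks):
    """Client-side path for a destination: 'tunnel' or 'local'.
    An empty list models tunnel-all (no split tunneling)."""
    if not split_networks:
        return "tunnel"
    dst = ipaddress.ip_address(dst_ip)
    nets = (ipaddress.ip_network(n) for n in split_networks)
    return "tunnel" if any(dst in n for n in nets) else "local"

# Log line from the question; the pool and LAN prefixes are assumed values.
SAMPLE = ("Deny inbound (no xlate) tcp src outside:192.168.1.1/1053 "
          "dst outside:100.100.100.100/137")
VPN_POOL = "192.168.1.0/24"   # assumed from the source address in the log
LAN_NETS = ["10.10.0.0/16"]   # constructed LAN prefix

if __name__ == "__main__":
    flow = parse_deny(SAMPLE)
    print("hairpin through PIX:", is_hairpin(flow, VPN_POOL))
    print("tunnel-all path:    ", client_path(flow["dip"], []))
    print("split-tunnel path:  ", client_path(flow["dip"], LAN_NETS))
    print("LAN host path:      ", client_path("10.10.5.20", LAN_NETS))
```

With split tunneling, the Internet-bound flow leaves over the client's own connection, so the PIX no longer sees or filters it.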