Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

NAT VPN connections on PIX?

Hello! I have a PIX 525 and on a handfull of VPN connections I need to present myself as coming from an address that is different than my internal addresses. Is this possible on the PIX? Thanks for your help!

Tom

3 REPLIES
Cisco Employee

Re: NAT VPN connections on PIX?

Hi Tom,

Its definately possible to do as the operation of NAT occurs before it goes through the IPSec process through the PIX firewall. The following URL would show you how the packets can be statically NATted through the VPN tunnel http://www.cisco.com/warp/customer/707/vpn_pix_private.html

Hope this helps,

Regards,

Aamir Waheed

Cisco Systems, Inc.

CCIE#8933

-=-=-

New Member

Re: NAT VPN connections on PIX?

Aamir,

Thank you for your help! The problem I'm running into is that I need to NAT based on destination. I have a handful of tunnels that need to be presented as coming from different ip blocks while the remainder are fine with a nat (inside) 0 command. It looks to me like a VPN concentrator will do what I need instead of the PIX. Again, thanks for your help!

Tom

Cisco Employee

Re: NAT VPN connections on PIX?

Hi Tom,

Actually the link which I sent you has the PIX doing exactly what you are looking for. Although the CVPN3000 can do this with the latest release: http://www.cisco.com/warp/public/471/config_vpn_3k_site.html, you should still be able to accomplish your tasks using the PIX firewall.

In case you need help in understanding how its working feel free to open up a TAC case on this aswell or feel free to ask me questions on it.

Hope this helps,

Regards,

Aamir

-=-=-

114
Views
0
Helpful
3
Replies
CreatePlease to create content