Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX to 3005 through PIX with NAT

Hello,

I am trying to establish a LAN to LAN tunnel between 501 and 3005 as a following:

501--Cable--520withNAT--3005onDMZ

Is this scenario possible? What things are different from regular or IOS LAN to LAN? Is 501 capable supporting this design?

What to look out for on 520?

Thank you for the help.

1 REPLY
New Member

Re: PIX to 3005 through PIX with NAT

I've just recently set up this exact scenario at a customer site and it works fine.

.

You must make sure that the IPSEC protocols are allowed through the firewall to the NAT address you have used for your VPN 3005 (typically ESP and UDP/500 for ISAKMP)

.

The 501 should use the NAT address for its VPN gateway/peer.

.

Tried and tested and works fine.

96
Views
0
Helpful
1
Replies