Can someone offer advice to whether this would work?
I have a 2-interface PIX 515E behind another firewall. I'd like to terminate the VPN on the outside interface, but have it on a NATted subnet (policy decision for avoiding same-subnet VPN issues), having NATs to both inside and outside machines. I am able to pass ipsec through the external firewall, so that is not an issue.
As long as you do a one-to-one static mapping for the outside IP of PIX. But If you prefer PAT and forward ports of 1 global IP to outside interface of PIX, forward tcp 10000 and udp 4500. Have never tried with PAT before but may cause problems about GRE.
Let me understand correctly. Other VPN endpoint has a connected subnet which is same with your local subnet? So this will create return trip traffic issues if I understood correctly. You can try policy NAT at local device to change the source of the packets.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...