A bit of a novice at all this. I have spent a few days trying to get a vpn setup to a remote site.
We have pix 515 at both ends. I need VPN connection to a server at remote end.
I setup the config at the remote end but the vpn connection failed.
I have tracked the issue down to the fact that at this end we are using NAT for connections from the inside network to the outside world.
So I assume I need to add an access-list nonat and a corresponding
nat (inside) 0 access-list nonat command to stop the nat for connections made to the remote site?
my question is what syntax would access-list take. My assumption is that it would be
access-list nonat permit ip x.y.z.0 255.255.255.9 a.b.c.1 255.255.255.255
where x.y.z.0 is IP adress range we are using internally and a.b.c.32 is the ip address of the interface on the PIX I want to connect to.
I have configs and debugs if people want to see them, but I am trying to get people pointing me in the right direction rather than tell me word for word what I need to do as I learn more that way.
thanks in advance
Pete