I have a PIX 515 running 6.2 code which connects to remote PIXs over VPNs. I want to allow external access to a device at a remote site. I want to have traffic NAT from a public address and then pass across the VPN to a Video conference unit across the VPN. The problem is that the VPN traffic goes back out the same interface that the NATed traffic came in. Can I do this (and how) or is this a security violation on the the PIX. I cannot use a public address at the remote site because that site has a single public dynamic address.
Any guidance you can give would be appreciated. I searched the forum but did not find any previous discussions on this issue.