Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN through PIX with single outside address?

I have several hosts behind a PIX 506. I get a dynamic IP address from my provider and have been able to get things working just fine. The only problem I have is when I try to VPN out from one of my internal hosts. According to experience and what I have read, I normally have to have a 2nd IP address statically NAT'd through to my internal host for this to work. I do not have to do this with other firewall types. Any suggestions?

1 REPLY
Cisco Employee

Re: VPN through PIX with single outside address?

This really depends on the VPN server.

For the case of vpn3000, you can use the vpn client and make use of TCP transparency feature to vpn through the pix.

If the vpn server is a PIX or router, this Nat tranparency is not yet supported by the code.

If the VPN is PPTP, it would not work through the PIX using PAT, you need a static nat for every host.

Regards,

102
Views
0
Helpful
1
Replies
CreatePlease to create content