Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX to IOS router ipsec swith NAT issue

I have what I am hoping someone has successfully accomplished before. In one state I have a PIX 501 firewall, and in another I have a 2801 and behind that is a 2611. The 2611 has a 10.x.x.x network and a 192.168.x.x network on it. The 10 network connects to the 2801 via f0/1, and the 192 interface connects to a third party firewall, a sonic I believe. In order to create the IPSEC tunnel I have a 1:1 nat translation on the F0/0 interface that maps a public IP to the private IP on the 2611. In this setup IPSEC works OK, but there is a monkey wrench thrown in here that has created a real snafu. Voip runs over this interface, which for the 10,x,x,x network is not a problem, but what is a problem is there are desktop appications, and access to the CCMuser pages from the 192.168 network and also two IP communicators on the 192.168 network. In order for them to work I need NAT on the 2611, by itself works fine, but when I enable nat on the 2801, breaks the voice for the IP communicators. I need some solution to this as I have run out of ideas.

When I look at the registration for the CIPC, I am seeing the public ip address that is mapped to the 10 address. How vcan I stop the ip of the 2611 from being transalated for the CIPC, if I can solve that I think I can have this all working.

3 REPLIES
Silver

Re: PIX to IOS router ipsec swith NAT issue

This problem is due to the static translation change. This problem caould be solved by clearing the address translations with the comand " clear translarions.

New Member

Re: PIX to IOS router ipsec swith NAT issue

I figured it out and got it working. It was mainly the PIX where the problem was at. Thanks anyway.

Bronze

Re: PIX to IOS router ipsec swith NAT issue

This problem is due to the static translation change. This problem caould be solved by clearing the address translations with the comand " clear translarions.

139
Views
0
Helpful
3
Replies
CreatePlease to create content