Hello, I'm having this issue for quite a few days now.
I have a Cisco PIX 6.3.3, which currently has a VPN tunnel to another PIX. I have quite a few local networks behind my PIX, let's say for example 10.76.1.0/24.
The people from the other side of the tunnel only want to see the network 10.54.1.0 /24, so I have NAT configured to translate the traffic that goes to the tunnel. I've used policy NAT (nat with an ACL).
The thing is that when a server from the local network accesses the VPN first, it does not NAT ever again. I mean, it remains with the translated IP 10.54.1.1, for example, but does not NAT with the outside interface to access the Internet.
Here's a glimpse of the configuration:
global (outside) 14 10.54.1.0 netmask 255.255.255.0
global (outside) 1 interface
nat (inside) 14 access-list VPN
nat (inside) 1 10.76.1.53 255.255.255.255
access-list VPN permit ip 10.0.0.0 255.0.0.0 VPN-Network 255.255.0.0
I have read about the NAT priorities and in theory they are OK, but still don't work.
Any ideas?