Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX NAT traffic towards an ipsec peer

Hi,

is there a way to NAT the source ip address of a traffic going towards a specific ipsec peer (not towards internet) ?

If yes, could you pls provide me an example or a url ?

Tks

Ric

4 REPLIES
Green

Re: PIX NAT traffic towards an ipsec peer

y.y.y.y = original source address

z.z.z.z = destination address

x.x.x.x = NAT address

access-list policy_nat permit ip host y.y.y.y host z.z.z.z

static (inside,outside) x.x.x.x access-list policy_nat

New Member

Re: PIX NAT traffic towards an ipsec peer

Does this means that NATTing is done before routing and encryption ?

Tks

New Member

Re: PIX NAT traffic towards an ipsec peer

no, the order is :

routing

NAT

encryption

HTH

Cisco Employee

Re: PIX NAT traffic towards an ipsec peer

Hi,

Below is the URL that explains this set up in detail

PIX/ASA 7.x and later: Site to Site (L2L) IPsec VPN with Policy NAT (Overlapping Private Networks) Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9950.shtml

Regards,

Arul

*Pls rate if it helps*

351
Views
3
Helpful
4
Replies
CreatePlease to create content