Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
0
Helpful
1
Replies

Static NAT on PIX 501 help

Go to solution
chris.lantz
Level 1
Level 1

‎02-24-2010 12:26 PM

I have PIXA (192.168.27.0) connecting to PIXB (192.168.1.0) with a VPN.  I would like to NAT the PIXB network to 10.10.1.0 when it connects to PIXA, so that when I do a "sh ipsec sa" on PIXA it shows the remote ident as 10.10.1.0 instead of 192.168.1.0.  I have attached my PIXB config.  Would somebody mind looking it over and telling me what I am doing incorrectly?  Thanks for any ideas.

Labels:
61443-chris-pix.san.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Yudong Wu
Level 7
Level 7

‎02-24-2010 09:56 PM

1. remove "nat (inside) 0 access-list NO-NAT"

2. change acl 90 to "access-list 90 permit ip 10.20.1.0 255.255.255.0 192.168.27.0 255.255.255.0"

3. change ACL on the other end as well.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Yudong Wu
Level 7
Level 7

‎02-24-2010 09:56 PM

1. remove "nat (inside) 0 access-list NO-NAT"

2. change acl 90 to "access-list 90 permit ip 10.20.1.0 255.255.255.0 192.168.27.0 255.255.255.0"

3. change ACL on the other end as well.

0 Helpful
Customers Also Viewed These Support Documents