Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SA250 VPN/NAT issue


I am new to the SA520 and have the situation I describe below - any assistance will be greatly appreciated.

I have a SA520 at my site and need to setup a site to site VPN with another company. Two issues: 1. My ISP connection to the SA520 uses PPPoE and so the IP information is auto assigned. I need to use another IP address of out my small public IP address assignment pool as the VPN endpoint address, however, when I enter the PPPoE profile information, the VPN gateway configuration automatically picks up the first IP address assigned by the PPPoE protocol. Is it possible to assign a 2nd IP address to the WAN interface and use that 2nd address as the VPN endpoint?

2nd issue: The SA520 seems to automatically apply NAT exemption to the traffic being sent through the site-to-site VPN tunnel. I need this VPN traffic to be NATed to the SA520 WAN interface since the company to which I am making the connection will not allow  private IP addresses into their network through the tunnel.

Thanks in advance,