Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I believe the quick fix would be:access-list inside_dmz_nat0 permit ip 172.22.0.0 255.255.0.0 192.168.1.0 255.255.255.0nat (inside) 0 access-list inside_dmz_nat0nat (dmz) 0 access-list inside_dmz_nat0This should build the xlate slot between your dmz ...
See if this helps you in any way.I'm only speaking to PIX running 6.3(5) though. The way I've done this is with the following scenario: interface(security) - ip--------------------------outside(0)- any ipdmz1(25) - 192.168.1.0 /24dmz2(50) - 192.168....
Follow up question(s). Are you given only 1 public IP from your ISP? And are communications to originate from both yourside and their side -- or from one side only?
Easiest way is to build your VPN tunnel as you normally would. The only additional bit you would need is to "nat 0" your crypto ACL. This will cause the PIX to not perform any static translations prior to sending the traffic over the VPN tunnel.I b...
