Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
1
Replies

Cisco PIX NAT For VPN

rgk013013
Level 1
Level 1

‎06-14-2013 02:12 AM

Hi All ,

I have an cisco PIX with Multiple Site to site VPN tunnel   , there is another VPN s2s VPN tunnel needs to create on PIX firewall

My internal network is 10.1.1.0/24  This is overlaping with other site B

Access is  one way from Site B  to my internal network   how can i nat 10.1.1.0/24 network  another netwok ex 20.1.1.0/24 network only for Site B

And should not affect other VPN tunnels where they accessing 10.1.1.0/24 .

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎06-14-2013 02:20 AM

Hi,

You can configure Static Policy NAT on your site and the remote Site B has to configure NAT also

Your sites configuration could be

access-list SITEB-POLICYNAT permit ip 10.1.1.0 255.255.255.0

static (inside,outside) 20.1.1.0 access-list SITEB-POLICYNAT

If some hosts have Static NAT configured on the network 10.1.1.0/24 you might have to remove the Static NAT and enter it again right after that. This is because without it the Static Policy NAT might not take effect.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents