Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1078
Views
0
Helpful
2
Replies

IPSEC Tunnel with Static NAT

kaustav.g
Level 1
Level 1

‎08-24-2004 09:44 PM - edited ‎02-21-2020 01:18 PM

We have to Create a IPSEC VPN from a PIX (1) - Site A to Cisco Router (2) - Site B over the internet. Set has been shown below.

PIX -------INTERNET---------Firewall--------Router

(1) (2)

Site A Site B

PIX is having the Public IP and Router is having the Private IP. Can we configure the VPN tunnel from PIX Public to Router Private IP by doing the Satic NAT of the Router Private IP on the Firewall of Site B.

Could someone provide a sample configuration for the same.

Labels:
0 Helpful
2 Replies 2

kaustav.g
Level 1
Level 1

‎08-24-2004 09:50 PM

The above setup has not been pasted correctly. Mention below is the correct setup

PIX (1) is SITE A and Router (2) is Site B.

0 Helpful

krishnas
Level 1
Level 1
In response to kaustav.g

‎08-25-2004 09:18 PM

I think the configuration required on the router and PIX is usual Lan2Lan IPSec configuration when the tunnel-end points are getting NAT'd. If you are using preshared key, you need to make use of post NAT'd address of PIX tunnel-end point address in the preshared key configuration and also with setpeer address in crypto map.

There is an example for configuration between two routers with a PIX firewall doing NAT for one of the end-points. Refer to the following link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml

HTH

krishna

0 Helpful
Customers Also Viewed These Support Documents