I have a PIX that has statically translated IPs for servers. For example, say the outside IP of a server is 172.1.1.1 and the inside is 10.1.1.1. I also have an IPSec tunnel with some vendors that can build a tunnel with my PIX for the 10.1.1.0 network.
Is there any way I can build a tunnel with them for 172.1.1.1 IPs? In other words, their requirement is to establish a tunnel for public IPs, which means that they want to have my PIX as a peer, but route anything going to 172.1.1.0 through the tunnel. Sort of like PIX would first strip down the tunnel and then translate the IP addresses.
Would that work? Or do I have to move the VPN functionality to a device in front of PIX?
Thank you,
Vladimir