Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
0
Helpful
2
Replies

PIX: NAT before IPSec

dhellmuth
Level 1
Level 1

‎09-12-2002 11:41 AM - edited ‎02-21-2020 12:03 PM

Hi,

We're building a LAN-to-LAN IPSec VPN between a PIX and a 3015 Concentrator.

The soure LAN (behind the PIX) uses the same private IPs than the destination LAN (behind the concentrator). We thought of NATing the private addresses of the client LAN on the outside interface of the PIX (PAT). Is this address translation performed before entering the tunnel ?

Any other ideas to solve the problem are welcome.

Thanks

Dirk

Labels:
0 Helpful
2 Replies 2

awaheed
Cisco Employee
Cisco Employee

‎09-12-2002 04:25 PM

Hi Dirk,

You should be able to get this working by doing static one to one NAT for the entire network, for getting an idea kindly look through the following sample config: http://www.cisco.com/warp/public/707/same-ip.html

The NAT happens before the actual IPSec so we can do NAT and then IPSec and this would work without a problem.

Hope this helps,

Regards,

Aamir

-=-=-

0 Helpful

dhellmuth
Level 1
Level 1
In response to awaheed

‎09-15-2002 10:50 PM

Hi Aamir,

we tried it an it works fine.

Thanks for your help.

Regards

Dirk

0 Helpful
Customers Also Viewed These Support Documents