cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
178
Views
0
Helpful
1
Replies

Where to NAT? Site-to-Site VPN (PIX with 3005 in DMZ)

bejar
Beginner
Beginner

My configuration is such that my 3005 sits in the DMZ of my PIX. I am creating a L2L VPN with a business partner.

The partner has requested NO RFC1918 through the tunnel. Thus I need to NAT the FTP host that this partner will access. This FTP host is in my internal 172.20.x.x network.

I am confused as to where I should perform the NAT. On the PIX or on the 3005 or both.

The connection layout is:

Internet to Public on PIX

3005 to DMZ on PIX

Both PIX and 3005 have Private Interfaces to my network.

My gut is telling me the NAT should be on the PIX but I am letting the L2L confuse me on how it should all work.

Any assistance would be appreciated.

1 Reply 1

irisrios
Frequent Contributor
Frequent Contributor
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: