[fw-wiz] bypassing PIX limitation



Hi

I have a network that is protected by a PIX 515e running 6.3(1). I was
asked to setup a IPSEC VPN with a partner. The partner's security policy
mandates that a remote encryption domain must use IP addresses on a
subnet carved out of their overall IP network range. The network behind
my PIX uses IP addresses on a subnet that is outside of their IP
network. Adding a second IP to my network isn't supported by the PIX OS.
To bypass this limitation I thought of NATing packets going into the VPN
tunnel. I've been looking for documentation for such a scenario, but
can't find anything. Can packets going into a VPN tunnel be NATed?







TIA
Paolo

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards