Re: [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel



Hi,

You can nat both source and destination at your site.

Have a look at the following example:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml

Keep in mind that when using this setup you will need to publish the natted
address on your Citrix servers (google for "Altaddr").

Br.
Robby

On Tue, Aug 26, 2008 at 8:02 PM, Dave Arroyo <dave.a@xxxxxxxxxx> wrote:

I am not a PIX super user but know enough to get in trouble...
I have a PIX515 that has a site to site tunnel to a client location where
we will be accessing Citrix servers, they are using a 10.195.x.x network
that overlaps with other private ranges allready in use throughout our
network. I can not get routing to the 10.195 networks that are on the other
end of this tunnel from the rest of my network.
How do I create a/an psudo address(es) that will NAT to the 10.195 going
through the tunnel ? I am lost !!!!

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • Re: [fw-wiz] bypassing PIX limitation
    ... Couldn't you setup a policy NAT based on their address block? ... Hopefully the following information will be clearer: The network behind ... my PIX is 192.168.99.x. ... going over an ipsec tunnel its plausible). ...
    (Firewall-Wizards)
  • Re: [fw-wiz] PIX to ASA VPN using PAT
    ... Use the IP address out of your NAT or PAT fur you crypto map. ... description the devices on end of tunnel ... My side of the network is NAT'd, so I want to allow one specific host from my inside network to get out out through the tunnel to their network. ...
    (Firewall-Wizards)
  • Re: VPN between two companies - same subnet
    ... NAT the traffic before it crosses the tunnel. ... When you might be able to make changes on the VPN side. ... >>>the same network ID as us. ...
    (microsoft.public.windows.server.networking)
  • Re: Connecting to VPN Router Thats Behind Another Router
    ... network into the 192.168.1.x network. ... On the Actiontec, I have ports ... sounds like a NAT issue, try giving 192.168.0.2 an official IP adress on the Actiontec and do NAT in both directions. ... so your endpoint of the tunnel is the not the Actiontec public adress, ...
    (comp.security.firewalls)
  • Re: XP Home: selective folder sharing
    ... >same would hold for any wireless connection. ... Explaining bridges vs NAT is not easy. ... network are visible to all other components on each network. ... With a bridge (if Falcon-II is providing one), ...
    (microsoft.public.windowsxp.network_web)