Re: [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel
- From: "ॐ aditya mukadam ॐ" <securescorp@xxxxxxxxx>
- Date: Fri, 5 Sep 2008 15:57:10 +0530
Dave,
As correctly suggested by the group you would need to use *policy
based static NAT*. Keep in mind, NATing happens first and then will
hit the crypto map.So, define your crypto ACLs accordingly. Make sure
there is no conflicting NAT-0 statement for the crypto traffic as,
NAT-0 will take precedence over Static !
Thanks,
Aditya Govind Mukadam
On Fri, Sep 5, 2008 at 1:43 AM, Robby Cauwerts <robby@xxxxxxxxxxx> wrote:
Hi,_______________________________________________
You can nat both source and destination at your site.
Have a look at the following example:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml
Keep in mind that when using this setup you will need to publish the natted
address on your Citrix servers (google for "Altaddr").
Br.
Robby
On Tue, Aug 26, 2008 at 8:02 PM, Dave Arroyo <dave.a@xxxxxxxxxx> wrote:
I am not a PIX super user but know enough to get in trouble...
I have a PIX515 that has a site to site tunnel to a client location where
we will be accessing Citrix servers, they are using a 10.195.x.x network
that overlaps with other private ranges allready in use throughout our
network. I can not get routing to the 10.195 networks that are on the other
end of this tunnel from the rest of my network.
How do I create a/an psudo address(es) that will NAT to the 10.195 going
through the tunnel ? I am lost !!!!
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel
- From: Dave Arroyo
- Re: [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel
- From: Robby Cauwerts
- [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel
- Prev by Date: Re: [fw-wiz] VPN/DMZ problem
- Next by Date: Re: [fw-wiz] VPN/DMZ problem
- Previous by thread: Re: [fw-wiz] PIX515 Inside NAT to private addresses through P2PTunnel
- Next by thread: [fw-wiz] Question on PIX replication
- Index(es):
Relevant Pages
|
