Re: [fw-wiz] VPN NAT issue

you will need a static nat or nat exemption. You are trying to access from
a low security interface to a higher one so put a translation in for the
173.16 net to the vpn pool either by static or nat0. For the static it
would be IN2 int to OUT and for nat0 apply it to IN2 where the rules
stipulate the src from IN2 net to the vpn local pool. Also apply the acl
entries allowing this traffic to the outside acl. Let me know if you have
any issues.


On Wed, Nov 12, 2008 at 4:52 AM, Vladislav Antolik <
vladislav.antolik@xxxxxxxxx> wrote:


I'm using Cisco PIX 515E with 8.0(3) image.
I have 3 networks.
IN2 <>
VPN local pool is
I'm using remote access VPN to reach IN servers without problems(I
used howto from Cisco pix conf. guide)

I would like to reach IN2 servers too, but I don't know to setup NAT
from vpn pool to this network(IN2).
I this network (IN2) my VPN hosts( must be translated.

I tried
nat (OUT) 66
global (IN2) 66
but this doesn't work.

Is any possibility to translate VPN pool?

Many thanks
firewall-wizards mailing list

firewall-wizards mailing list