PIX NAT and VPN question

Scott Jackson · 06-19-2008

Is it possible to have NAT and a site to site VPN tunnel running using the translated addresses on the one PIX?

I have been giving an IP address pool from a client to use to connect to their network. I need to NAT our private LAN addresses to this range and then use the new addresses in the VPN configuration to connect to their network.

I tried setting up the NAT config which worked fine. I then added a site to site VPN config and in the access list specified the translated addresses. When I test this the NAT translation works but the VPN fails which I was sort of expecting.

Am I going to need a router or other device to do the NAT translation first and then have the firewall for the VPN or is there to make it work on just a single firewall?

Thanks
Scott

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
VPN PIX-_static PIX ; PIX-dynamic_PIX ; VPN Client	Svenn	Cisco	3	03-13-2006 09:25 AM
VPN on PIX can't work with vpn client behind nat	Tomi	Cisco	3	05-11-2005 11:43 AM
VPN, from nat without VPN to nat with it	Allan Wilson	Cisco	1	07-05-2004 10:51 PM
PIX to PIX VPN and VPN Client to PIX Config Example?	GVB	Cisco	1	02-06-2004 07:44 PM
Pix-to-Pix VPN - BOTH BOXES BEHIND NAT!!!	Michael Gorsuch	Cisco	1	10-24-2003 09:35 AM