Static 1 to 1 NAT config needed through Cisco PIX IP Sec VPN Tunnel

Discussion in 'Cisco' started by proza, Jan 10, 2007.

  1. proza

    proza Guest

    Hi all

    Now I'm using a dynamic NAT config in a IP SEC VPN LAN-2-LAN through a PIX.
    I want to create a complete new config where the client are natted whitout
    using the original destination IP address

    client--[routed-net]--[PIX2]--IP-SEC-VPN--[PIX2]--hostsegment--[host-10.1.1.1]

    Static NAT pool
    Client 10.220.0.1 connects to 10.96.40.1 and will be connected to host
    10.1.1.1
    Client 10.220.0.2 connects to 10.96.40.2 and will be connected to host
    10.1.1.2

    How to setup a static nat (pool) for this combination, where 10.96.40.254 is
    the inside IP addres of PIX2.

    Could you please help me?

    regards
    Proza
     
    proza, Jan 10, 2007
    #1
    1. Advertisements

  2. Could you repost, re-explaining what you want to do? I don't seem to
    catch what you are talking about when you reference the destination IP
    address, and I don't understand what you are saying about this
    client "connecting" to that address ?


    [Note: I tried to send this request for clarification through email,
    but your return address is non-functional.]
     
    Walter Roberson, Jan 10, 2007
    #2
    1. Advertisements

  3. proza

    proza Guest

    Client--[routed-net]--[PIX1]--IP-SEC-VPN--[PIX2]--hostsegment--[host-10.1.1.1]

    Client 10.220.0.1 need to reach host 10.1.1.1 without using the destination
    host address 10.1.1.1 directly. For that I want to use a "NAT pool" on the
    inside interface of PIX1 (10.96.0.254). So for real the client 10.220.0.1
    connects for example to 10.96.0.1 (= NATted host 10.1.1.1)



    [Note: You can use the e-mail address, after the whipe out the part
    "magweg"]
     
    proza, Jan 11, 2007
    #3
  4. proza

    proza Guest

    -
    repost done
     
    proza, Jan 13, 2007
    #4
  5. proza

    Nos Guest

    Hi Proza.
    Have you found a solution as this is exactly what I want to do also.

    Thanks

     
    Nos, Jan 16, 2007
    #5
  6. proza

    proza Guest

    Hi Nera

    No solutions found yet, still busy on it


     
    proza, Jan 18, 2007
    #6
  7. proza

    miskaone Guest

    What is your application for this? Are you trying to address routing
    issue on the inside network?
     
    miskaone, Jan 19, 2007
    #7
  8. proza

    proza Guest

    http access to Oracle application, to an inside address.

    --
     
    proza, Jan 19, 2007
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.