[nsp] NAT and VPN
Alan Andrews
alan at tieless.com
Fri Nov 21 16:40:53 EST 2003
I did something similar to this where I had an IPSEC VPN between a Cisco
3600 and a Linux host with freeswan. The router also had to do NAT.
You can see my configs at
http://www.tieless.com/ipsec/cisco-freeswan-cisco/cisco-freeswan-cisco.html
It doesn't involve a PIX, but it's still a similar situation on the NAT
router side. Might help.
-Alan
On Fri, 2003-11-21 at 15:12, Krzysztof Adamski wrote:
> I need to join two networks, and I need to NAT some hosts.
>
> The network looks like this:
>
> HostA ---- Router A1 ---- Router A2 ---- Router A3 --- Internet
>
> Internet --- PIX B --- net B
>
> Currently Host A is 128.1.1.199 and needs to be visible as 172.30.5.129 to
> net B network.
> Router A3 has a single static IP for connecting to the Internet. This is
> where the VPN to the PIX B is going be setup. I would prefer to do the NAT
> on A3.
> net B is 172.30.255.128 /26
> Nothing else is to go though the VPN.
>
> The connection between net B and HostA has to be bidirectional, there are
> 4 more machines like HostA, each is to have a uniq IP.
> How should the NAT be setup, and how this will interact with the VPN?
>
> K
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list