[nsp] NAT and VPN
alan at tieless.com
Fri Nov 21 16:40:53 EST 2003
I did something similar to this where I had an IPSEC VPN between a Cisco
3600 and a Linux host with freeswan. The router also had to do NAT.
You can see my configs at
It doesn't involve a PIX, but it's still a similar situation on the NAT
router side. Might help.
On Fri, 2003-11-21 at 15:12, Krzysztof Adamski wrote:
> I need to join two networks, and I need to NAT some hosts.
> The network looks like this:
> HostA ---- Router A1 ---- Router A2 ---- Router A3 --- Internet
> Internet --- PIX B --- net B
> Currently Host A is 184.108.40.206 and needs to be visible as 172.30.5.129 to
> net B network.
> Router A3 has a single static IP for connecting to the Internet. This is
> where the VPN to the PIX B is going be setup. I would prefer to do the NAT
> on A3.
> net B is 172.30.255.128 /26
> Nothing else is to go though the VPN.
> The connection between net B and HostA has to be bidirectional, there are
> 4 more machines like HostA, each is to have a uniq IP.
> How should the NAT be setup, and how this will interact with the VPN?
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp