[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


steps to creating a 1:1 address translation

Posted on 2004-11-16
Medium Priority
Last Modified: 2010-04-10
So what are the steps to create a one-to-one address translation on a Pix and/or Microsoft VPN server
Question by:keismi2002
LVL 36

Accepted Solution

grblades earned 750 total points
ID: 12594287
Hi keismi2002,
On the PIX you add a 'static' command in this form :-
static (inside,outside) INTERNAL_IP_ADDRESS EXTERNAL_IP_ADDRESS netmask 0 0
You then need to make sure the access-list applied to the outside interface permits the ports you want inbound to the NAT'd IP address.

Expert Comment

ID: 12594325
assuming you want to setup VPN for MS VPN clients on Cisco PIX, quoted form http://www.chicagotech.net

How to setup VPN for MS VPN clients on Cisco PIX

To setup VPN for MS VPN clients on Cisco PIX, you need to add the following lines.
access-list 101 permit ip
ip local pool bigpool
nat (inside) 0 access-list 101
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe 128
vpdn group 1 client configuration address local bigpool
vpdn group 1 client configuration dns yourdns
vpdn group 1 client configuration wins yourwins
vpdn group 1 pptp echo 60
vpdn group 1 client authentication local
vpdn username username password *********
vpdn enable outside


Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question