Solved

NAT on Cisco Pix

Posted on 2009-05-17
3
245 Views
Last Modified: 2012-05-07
I have set a site to site VPN up which works fine however,  The other side say that they can see my private address.  They need to see me as my public address.
The tunnell will be used for FTP only and ALL traffic will start at my side (Only put).  
0
Comment
Question by:nigel_pettit
3 Comments
 
LVL 10

Accepted Solution

by:
lanboyo earned 125 total points
ID: 24408663
This is a somewhat difficult task, unless your addresses are already nated bfore they get to the pix. The interesting traffic list must be the same on both sides of the ipsec tunnel.
0
 
LVL 28

Assisted Solution

by:asavener
asavener earned 125 total points
ID: 24411356
You can NAT prior to encrypting, but you have to set it all up manually instead of using the VPN wizard in ASDM.
0
 
LVL 1

Author Comment

by:nigel_pettit
ID: 24416503
Thankyou very much for your comments.  I was forced to have the conference call today to address the problem.  To my suprise I managed to get it sorted as follows :  (All via GUI)
As previously told I already had a tunnel set up where my private IP was visable.
I added a static route for my private IP to translate to a spare public IP.  For a while it did not work.  I checked the exemptions and fond that when removing the exemption in the ipsec config it infact did not changed the config.  I removed the exemption from the translation rules screen and it started working.  how shocked was I.  Thanks a lot anyway guys,  I am NO cisco expert so I may not be able to help you guys but am grateful for your time
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now