Solved

NAT on Cisco Pix

Posted on 2009-05-17
3
244 Views
Last Modified: 2012-05-07
I have set a site to site VPN up which works fine however,  The other side say that they can see my private address.  They need to see me as my public address.
The tunnell will be used for FTP only and ALL traffic will start at my side (Only put).  
0
Comment
Question by:nigel_pettit
3 Comments
 
LVL 10

Accepted Solution

by:
lanboyo earned 125 total points
ID: 24408663
This is a somewhat difficult task, unless your addresses are already nated bfore they get to the pix. The interesting traffic list must be the same on both sides of the ipsec tunnel.
0
 
LVL 28

Assisted Solution

by:asavener
asavener earned 125 total points
ID: 24411356
You can NAT prior to encrypting, but you have to set it all up manually instead of using the VPN wizard in ASDM.
0
 
LVL 1

Author Comment

by:nigel_pettit
ID: 24416503
Thankyou very much for your comments.  I was forced to have the conference call today to address the problem.  To my suprise I managed to get it sorted as follows :  (All via GUI)
As previously told I already had a tunnel set up where my private IP was visable.
I added a static route for my private IP to translate to a spare public IP.  For a while it did not work.  I checked the exemptions and fond that when removing the exemption in the ipsec config it infact did not changed the config.  I removed the exemption from the translation rules screen and it started working.  how shocked was I.  Thanks a lot anyway guys,  I am NO cisco expert so I may not be able to help you guys but am grateful for your time
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5506 5 38
VLANs, Cisco Switch, and Ruckus Wireless AP 2 50
Cisco Air AP 6 30
stacking Catalyst 3650 11 11
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now