I have no issues setting up a VPN but now I have a issue whereby the vendor has the same internal private network as we do they have 10.0.0.0 and we have a 10.168.0.0 . We need to do a policy nat so that it comes over as another address over the vpn. I did a static policy nat with the source being the server on my network to the private address lets say 192.168.1.20 (nat address) they wanted to be policy natted and the destination of their private network. and then enabled PAT for the port that is supposed to come over. I guess i want to know the right way to do a policy nat for an internal ip over a VPN.