Firewall Wizards mailing list archives
bypassing PIX limitation
From: Paolo Supino <paolo () actcom net il>
Date: Wed, 08 Nov 2006 19:22:56 -0500
Hi I have a network that is protected by a PIX 515e running 6.3(1). I was asked to setup a IPSEC VPN with a partner. The partner's security policy mandates that a remote encryption domain must use IP addresses on a subnet carved out of their overall IP network range. The network behind my PIX uses IP addresses on a subnet that is outside of their IP network. Adding a second IP to my network isn't supported by the PIX OS. To bypass this limitation I thought of NATing packets going into the VPN tunnel. I've been looking for documentation for such a scenario, but can't find anything. Can packets going into a VPN tunnel be NATed? TIA Paolo _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- bypassing PIX limitation Paolo Supino (Nov 09)
- <Possible follow-ups>
- Re: bypassing PIX limitation Horvath, Kevin M. (Nov 09)
- Re: bypassing PIX limitation Paolo Supino (Nov 09)
- Re: bypassing PIX limitation Josh (Nov 09)
- Re: bypassing PIX limitation Paolo Supino (Nov 09)
- Re: bypassing PIX limitation David Swafford (Nov 09)
- Re: bypassing PIX limitation Paolo Supino (Nov 11)
- Re: bypassing PIX limitation Marcus J. Ranum (Nov 11)
- Re: bypassing PIX limitation Chris Blask (Nov 11)
- Help Dave Piscitello (Nov 15)
- Re: Help Utz, Ralph (Nov 15)
- Re: Help Aaron Smith (Nov 15)
- Re: bypassing PIX limitation Paolo Supino (Nov 11)