Hi
Can anyone tell me whether what I am trying to do is possible. At the moment we have remote users authenticating into the PIX firewall with VPN client 3.5, where they are allocated a 192.168.0 address from the VPN pool. We now would like them to also have access to a sister site which means going outside the pix into a lesser security area and across a VPN over the internet.
I have set up NAT for the relevant addresses so that it
will give them a routeable address, but nothing seems to happen. If you do a show xlate while attempting to get out again there is no activity.
It has occurred to me that what I am trying to do is not actually possible, ie you can't NAT the psuedo IP address from the VPN pool. Any ideas, or can I do this some other way?
Thanks
Can anyone tell me whether what I am trying to do is possible. At the moment we have remote users authenticating into the PIX firewall with VPN client 3.5, where they are allocated a 192.168.0 address from the VPN pool. We now would like them to also have access to a sister site which means going outside the pix into a lesser security area and across a VPN over the internet.
I have set up NAT for the relevant addresses so that it
will give them a routeable address, but nothing seems to happen. If you do a show xlate while attempting to get out again there is no activity.
It has occurred to me that what I am trying to do is not actually possible, ie you can't NAT the psuedo IP address from the VPN pool. Any ideas, or can I do this some other way?
Thanks