Mission2000
Programmer
We have a PIX 506 and are getting ready to setup a site-to-site VPN to a vendor of ours. Our internal network is 192.168.20.X. The problem is that our vendor already has a VPN setup to another client using the 192.168.20.X network as their interesting traffic. They are asking me to give them a different network to send traffic to for it to pass across their VPN. Preferably 10.201.1.X
My idea was this. Give the server they need access to an additional ip of 10.201.1.2 or something and do a route inside on the PIX for that network as well as configuring our internal router to support the 10.201.1.X network. I assume that would work, but I don't like this idea as it will quickly make our network difficult to manage if this happens again.
Is there a better way to handle this? I would like to do some sort of translation if possible but to my knowledge the PIX doesn't translate VPN traffic.
Any ideas? Someone has surely had this problem before.
My idea was this. Give the server they need access to an additional ip of 10.201.1.2 or something and do a route inside on the PIX for that network as well as configuring our internal router to support the 10.201.1.X network. I assume that would work, but I don't like this idea as it will quickly make our network difficult to manage if this happens again.
Is there a better way to handle this? I would like to do some sort of translation if possible but to my knowledge the PIX doesn't translate VPN traffic.
Any ideas? Someone has surely had this problem before.
