PIX NAT issue

[rplxi]

We encouter the problem that we never saw.
We use PIX Firewall between our network and customer's network.
Out network IP addresses are natted to customers network
by static command like below sample configuration;
static (inside,outside) 10.x.x.1 192.168.x.1 netmask 255.255.255.255 0 0
And we also use conduit command like below;
conduit permit tcp host 10.x.x.1 eq 135 10.x.x.0 255.255.255.0

Our customer said he saw his server tried to communicate to IP address 192.168.x.100:135 by packet monitoring tool.
That IP address is our network's. Is it possible to see
the NAT source address at the outside networks?
This can be a very important security issue.
Have you ever heard or seen this kind of problem?

Thanks for reading;
RPLXi

 

[ChrisAC]

I presume that you have a VPN set up then? Why are you NATing from one private address range to another?

Chris.


**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[rplxi]

Hi Chris,

Thanks for your reply.

I didn't configure the pix for VPN.

>Why are you NATing from one private address range to another?

Since I don't want to show our global IP address, I wrote
private address here. Actually, 192.168.x.1 is global address.
And I mistook to write;
(wrong)Our customer said he saw his server tried to communicate to IP address 192.168.x.100:135 by packet monitoring tool.
?
(right)Our customer said he saw his server tried to communicate to IP address 192.168.x.1:135 by packet monitoring tool.

Thanks,
RPLXi

 

[ChrisAC]

So your customers server was trying to send packets to your global address?

I'm not sure what your problem is?

Chris.


**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************