PIX through NAT

[UnaBomber]

Hey,

I am configuring a VPN tunnel through to our headend Cisco conc, for a remote office through a xdsl connection. Typically for this setup we get a 'no nat' config from the isp (ie a pool of pub IP 1 on the ISP managed router and 1 on the pix).

However I have a situation here where another admin desided to get a NAT config with 1 Public IP on the PPPOE side of the xdsl router and a rfc 1918 address on LAN side. The xDSL router is a pile of crap, ie not a Cisco or Bay networks ;-) Anyway I tryed to setup a Static IP to IP translation, so ANYTHING hiting the public would be forwarded to the private IP on the pix's external int. But the tunnel wont come up. I have check all crypto mappings etc etc and know there is nothing wrong with these. I think the problem is with the xdsl router not forwarding all IP ports to the RFC 1918 address.

So I am going to try and hack it before I shout at my colegue for ordering NAT.

Ok so thats the background, my question is simply this, which ports are required for a VPN cisco pix to cisco conc?

 

[UnaBomber]

doesnt matter managed to get a static IP to IP NAT translation working!