I am on a PIX running 7.1(2).
I have a VPN setup, which is using NAT due to overlapping domains and the customer wanting to keep traffic to the server's public IP out of the VPN.
Server is 192.168.1.2 with a public NAT of x.x.170.193 and a VPN NAT of 192.168.17.2
Remote side is 192.168.254.253
I have:
access-list vpn-test extended permit ip 192.168.17.0 255.255.255.0 host 192.168.254.253
access-list policy-nat extended permit ip host 192.168.1.2 host 192.168.254.253
static (dmz,outside) x.x.170.193 192.168.1.2 netmask 255.255.255.255
static (dmz,outside) 192.168.17.2 access-list policy-nat
I can get traffic from 192.168.254.253 to 192.168.17.12 across the tunnel, but in the other direction it ignores the policy NAT.
What have I missed?
Cheers