I have a PIX firewall that is being used for a VPN as well. The problem is
all the inside addresses are being translated to public addresses even when
the traffic is destined for the VPN tunnel. I tried the following commands
but this seems to block all translations.
(real IPs have been replaced for security)

access-list nonat permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list nonat
global (outside) 1 172.16.10.1 net 255.255.255.255

I also tried using DENY in the access list
access-list nonat deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
This didn't work either.

How can I get the traffic destined for the Internet to be translated and the
traffic destined for the VPN not be translated?

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html