Ok..thanks....i was worried about the public to private ip mapping with NAT and IPSEC. But since esp does not modify the original header...I should be fine to have the vpn clients connect to a public ip that is statically natted to the private ip on the outside pix interface. Right?
Thanks again... Dain ""BJ Rice"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This isn't entirely correct. You can have a private IP address on your > outside interface and have it NAT'd to a public IP address and then > terminate the tunnel there. I am assuming this is what you are doing. Yes > it can be done. > > Yes it will work with IKE Mode Configuration which is the same functionality > of the "vpngroup". Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62266&t=62047 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
