PIX VPN using the external addresses

We have a company that has a policy against using internal IPs in their IPSec tunnels. Can someone give me the basic PIX config differences for using the external IPs as opposed to the internals? All of our current tunnels use the internal IPs and several attempts at using the externals haven't gone very well.

Thanks in advance.

Reply to
Nate
Loading thread data ...

This does not make sense !! Do they have clues in IT ? Doing something like that is loosing accounting... if loosing accounting is in their corporate policy, oooh my God!

2 or 3 weeks ago, somebody has asked if it is possible to nat an inside network before getting this nated IP in a VPN. Pretty much, using google searching for that, you'd get ideas on how to do an ugly thing alike.

Hey, do not tell me thank you, hum? The day the first site will be flooding the other site with worm(s), you'll be very happy to investigate who has been infected first.

/Edgar

X-Post

Reply to
Edgar® du Luxembourg®

:> We have a company that has a policy against using internal IPs in their :> IPSec tunnels. Can someone give me the basic PIX config differences

:This does not make sense !! Do they have clues in IT ? Doing something :like that is loosing accounting... if loosing accounting is in their :corporate policy, oooh my God!

It is no worse than using DHCP, which most companies use these days. And the information about which internal host IP it was can easily be pulled from the logs -- the internal host IP and port is shown in every Build, Teardown, and Deny message.

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.