Here is an interesting problem.. I am missing something very simple.
I have a pix that I want to setup as a vpn server. I am using the easy client software. I have a pool of ip addresses. This is a pool that I picked out of the blue not in use, 192.168.254.0/24. I have no problem getting the remote client to authenticate and get an ip address from the pix in this range.
I do not have any control of the internal router, 172.16.0.1. The inside interface has an ip address on the inside network, 172.16.0.2 and I have confirmed connectivity. If I put in the correct routes, I can ping from the pix to anywhere without any problems.
Here is what I need to do though. I need to have the 192.168.254.0 network natted on the inside. That way, when I get an ip address from this pool and try to ping from a client computer with a 192.168.254 address, as far as the inside is concerned, I am coming from a172.16.0.0 address and not a 192.168.254.0 address.
Can it be done?