We have four office locations that we need to VPN together all of them have NS5GT Firewalls. What we want at all four location is the same LAN IP scheme.
For eg; 10.1.2.x scheme
All locations have static WAN IP. What kind of VPN would be recommended and if possible steps to implement them at all four locations.
johnny021 wrote that they want it, so yes, they *do* want it. They probably don't want all the problems that go along with it, but they might have some good reason in mind -- e.g., to make it easy to carry a computer between the four locations without having to reconfigure it at all. Or they might simply have been told by a PHB to do it that way.
In general, there is little more reason not to use NAT with a VPN than there is not to use NAT at all. If you do not happen to be using one of the protocols that NAT messes up, then you might as well, technically speaking, NAT your VPN traffic.
There is certainly the point that using a VPN is often a way to -avoid- having to NAT traffic that NAT -does- mess up (e.g., host locations tracked by Microsoft domain registries), but that's not the issue in this situation in which the OP specifically asked to NAT.
The OP did not ask for recommendations on how to get away without doing NAT: the OP asked for recommendations on how to do the NAT anyhow, and asked what equipment would be needed in order to implement it.
I answered the poster in Cisco terms in comp.dcom.sys.cisco, which he had multiposted to (even though Cisco doesn't make NS5GT firewalls...)
My answer was less than 2 hours after the OP's question, and I provided information about which equipment would or would not be able to handle the situation under various circumstances, "naming names" (and software versions.)
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.