[ previous ] [ next ] [ threads ]
 
 From:  Kyle McBride <kyle dot mcbride at instatservices dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSec and NAT-ing the local LAN subnet
 Date:  Thu, 14 Sep 2006 13:08:17 -0700
Is Advanced Outbound NAT my answer for this?  Any leads on how to 
configure it to get me started?  (sorry for the newbie here). The other 
site says they achieve this on a Cisco PIX with a static command.

The desired result is:

Site 1 (m0n0wall 1.22)                                          Site 2 
(Cisco PIX)
LAN subnet       "dummy subnet"     WAN                         WAN     
    LAN subnet
192.168.3.0/24 ---192.168.87.0/24---public IP  --- Internet --- public 
IP---172.31.0.0/21
                                                     |
Third party site (existing IPSec conf. w/Site2)      |
LAN subnet                          WAN              |
192.168.3.0/24----------------------public IP--------+

Kyle McBride wrote:
> Is it possible to NAT the LAN subnet?  I am trying to create an IPSec tunnel
> where the remote site already has another tunnel enabled for a subnet
> equivalent to mine.  They suggested I NAT my subnet to something else and
> use that dummy subnet in the IPSec tunnel config.
>
>  
>
> Current LAN subnet: 192.168.3.0/24
>
> Suggested NAT: 192.168.87.0/24
>
>  
>
>
>