Policy NAT for VPN traffic

  • Policy NAT for VPN traffic

    I have a Cisco PIX 515E. What I am trying to do is to NAT the traffic through a VPN. Here are some details.

    outside interface 66.109.XXX.XXX 255.255.XXX.XXX

    inside interface 10.20.XXX.XXX 255.255.XXX.XXX

    The other side of the VPN has a public IP of and a private IP address of

    What I need to do is to translate my inside IPs which are to

    This is where I am stuck. These are the commands I have used:

    access-list new extended permit ip

    access-list policy-nat extended permit ip

    And at this command I get an error from the PIX:

    static (inside,outside) access-list policy-nat

    This is the error I receive:

    ERROR: mapped-address conflict with existing static
    inside: to outside: netmask

    I have the crypto maps configured but the above is where the problem lies.

    Any help would be appreciated. Thanks.

  • #2
    Re: Policy NAT for VPN traffic

    Normally you would do an L2L VPN tunnel where the traffic destined for the remote subnet is tunneled.

    In fact the only traffic that isn't normally NAT-ed is the traffic destined for the tunnel.