I have a Cisco PIX 515E. What i am trying to do is to NAT the traffic thru a VPN. Here are some details.

outside interface 66.109.XXX.XXX 255.255.XXX.XXX

inside interface 10.20.XXX.XXX 255.255.XXX.XXX

The other side of the VPN has a public ip of 12.108.xxx.xxx and a private ip address of 10.251.0.0/16

What I need to do is to translate my inside ip's which are 10.20.xxx.xxx to 172.20.xxx.xxx

This is where I am stuck. These are the commands I have used

access-list new extended permit ip 172.20.0.0 255.255.0.0 10.251.0.0 255.255.0.0

access-list policy-nat extended permit ip 10.20.0.0 255.255.0.0 10.251.0.0 255.255.0.0

and at this command I get an error from the pix

static (inside,outside) 172.20.0.0 access-list policy-nat

this is the error I receive

ERROR: mapped-address conflict with existing static
inside:10.20.0.0 to outside:172.20.0.0 netmask 255.255.0.0

I have the crypto maps configured but the above is where the problem lies.

Any help would be appreciated. Thanks.