We have a Site to Site VPN between Astaro V4.017 and Cisco PIX. The IPsec VPN is up with no issues but we are having issues with SNAT and getting the data through the tunnel. The scenario is as follows.
Local_Lan 192.168.1.0
Internal_Interface 192.168.1.1
External_Interface 213.254.x.y
Remote Host (VPN destination subnet) 62.40.y.z
We are SNatt'ing the Internal Lan behind 213.254.x.y as this is the only IP address that our customer will allow in their Cisco Pix Access Lists and Crypto Map.
We have allowed packet rule.
Source -Local_Lan Dest Remote Host Service Any Allow.
Thsi traffic is hitting the remote host but doing so in the clear i.e. not through the established VPN tunnel.
Can anyone assist us in getting the traffic destined for the remote host down the VPN tunnel as required.
Nat_T is turned On
We have tried Masq'ing but we require our Ext_Interface address in the Local subnet of the VPN config.
Any assistance would be appreaciated.
Regards
This thread was automatically locked due to age.