On 08/18/2006 10:24:29 AM, Steve Chinatti wrote:
Hello PF List,

I'm hoping someone can help me out with my configuration issue.  The
problem is that there is overlap in the private RFC1918 addresses used
in both sites.  Let's call them SiteA and SiteB.  I only need to
connect from SiteA->SiteB (i.e. connections will never be initiated
from SiteB->SiteA, but of course sessions initiated from SiteA will
have return traffic...).

SiteA (my site) is using an OpenBSD PF firewall with multiple
interfaces (internal, external, DMZ).  The DMZ uses a non-conflicting
address (not in the 192.168.0.0/16 range), but the internal hosts use
the 192.168.0.0/16 network.

Couldn't you NAT on your external interface and then rdr the
result to the PIX and have that route the traffic through the
tunnel?

Karl <[EMAIL PROTECTED]>
Free Software:  "You don't pay back, you pay forward."
                 -- Robert A. Heinlein
