Question : VPN traffic need (Policy) NAT to internal IP

Hello Gents,

I have a nice problem, and think there might be several ways to solve.
Let me try to explain.

We have a 2 default gateway routers.

One Internet firewall Cisco 5510 (also DMZ on it), and an INTERNAL router managed by Verizon which route Global network.
All servers and Clients have 2 default routes: 0.0.0.0 --> internet router (10.34.34.x), and 10.0.0.0 --> Global network router (10.32.34.x)

Now we have traffic comming from outside via VPN (172.18.250.248) of internet router, going to global network router...but the route back (to 172.18.250.248) is unknown.

Normally you would add the route on the Global network router, but in this case we don't want that. (Politic game)

Is there a way to create a (Policy) NAT on the Internet Firewall that all traffic comming from the VPN IP (172.18.250.248) is natted to an internal IP, before the traffic goes to the Global network router.

All other suggestions are also very welcom.

Regards

Answer : VPN traffic need (Policy) NAT to internal IP

Here is how I do it.

nat (inside area1) 4 10.70.1.0 255.255.255.0
static (outside, inside area1) 10.70.1.250 10.213.64.201 netmask 255.255.255.255
Random Solutions  
 
programming4us programming4us