http://www.ISAserver.org ------------------------------------------------------- Hey guys, We have an ISA 2004 SE server with public IP's on the external interface. The internal network uses a 10/8 numbering scheme. Now we must configure a site-to-site IPSec tunnel mode VPN to a Juniper box. However, we must NAT the traffic to a network ID assigned by the remote site *before* sending the traffic accross the VPN tunnel (source NAT before tunneling the traffic). Take note that: - only general outbound traffic accross the VPN tunnel is needed. - if inbound traffic is needed accross the VPN tunnel then a publishing scenario should be possible. - there is *no* overlapping between the internal network ID and the network ID we must translate to. Can this be done on an ISA 2004 and still be manageable? Thanks, Stefaan ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx