http://www.ISAserver.org ------------------------------------------------------- Define a NAT relationship from "Internal" to "S2S". You'll have to use publishing rules to get from "S2" to "Internal", but it sound like this is what you want anyway. -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stefaan Pouseele Sent: Saturday, April 01, 2006 2:23 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Is this possible with ISA 2004 : source NAT before tunneling the traffic ? http://www.ISAserver.org ------------------------------------------------------- Hey guys, We have an ISA 2004 SE server with public IP's on the external interface. The internal network uses a 10/8 numbering scheme. Now we must configure a site-to-site IPSec tunnel mode VPN to a Juniper box. However, we must NAT the traffic to a network ID assigned by the remote site *before* sending the traffic accross the VPN tunnel (source NAT before tunneling the traffic). Take note that: - only general outbound traffic accross the VPN tunnel is needed. - if inbound traffic is needed accross the VPN tunnel then a publishing scenario should be possible. - there is *no* overlapping between the internal network ID and the network ID we must translate to. Can this be done on an ISA 2004 and still be manageable? Thanks, Stefaan ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx