<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2>Hi</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>I have a site to site vpn with a client (fw1 at
each end). I only have one private subnet behind my firewall but my client has
many and <BR>one of these conflicts with mine. <BR>Init<SPAN
class=924292816-30082006>i</SPAN>ally I only needed this connection to work one
way (us --> them) so I put a manual nat rule in place which hide nats my /24
behind <BR>a different private <SPAN class=924292816-30082006>/24
</SPAN>for connections to the client. This works fine</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>Now I have been asked to enable inbound traffic to
certain hosts from the client (them --> us). They can't use the real
addresses of my <BR>hosts as they would be routed to their own network. Any
suggestions on how this can be done (if at all)? I have tried a few things
including adding static nat inbound to the <SPAN
class=924292816-30082006>few </SPAN>hosts they need to access but have had no
success. I can post more config if anyone thinks they can help</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>Thanks</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Zoe</FONT><BR><BR><BR><BR></DIV>
<DIV> </DIV></BODY></HTML>