INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Policy NAT for traffic coming from VPN L2L

Policy NAT for traffic coming from VPN L2L

(OP)
Hi,



Im trying to configure a policy nat for traffic coming from a VPNL2L. I would like to know if this scenario is supported on a Cisco ASA IOS version 9.1(2)



We have a VPN L2L for different customers, one of them has an overlaping with our internal network, we need to nat a specific host from their network to an inside private ip



Interestering traffic

source (this is the network from customer)

10.10.10.0/24

10.10.20.2/32



destination (this network is in our end) - inside interface of our firewall

20.20.20.0/24

NAT IP address 20.20.30.2



I has been trying to nat this host 10.10.20.2/32 to 10.10.20.2/32 using:



object network obj-10.10.20.2

host 10.10.20.2

object network obj-20.20.30.2

host 20.20.30.2

object network obj-20.20.20.0

subnet 20.20.20.0



nat (outside,inside) source static obj-10.10.20.2 obj-20.20.30.2 destiation static obj-20.20.20.0 obj-20.20.20.0



but the translation is not working., there are no hits for nat (outside,inside)



There is no ACL on the interfaces ( there are only 2: inside security level 100, outside security level 0)



Thanks.



Luis.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close