https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907113#M436550 <HTML><HEAD></HEAD><BODY><P>i have attached packet tracer output and the firewall config , kindly look in to that .</P></BODY></HTML> Mon, 21 May 2012 14:08:56 GMT jibsoni 2012-05-21T14:08:56Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907110#M436534 <P>Dear all,</P><P></P><P>I am facing an issue , which needs your valuable support. </P><P>As per the&nbsp; attached diagram , remote users are getting ip address 192.168.2.x , internal IP = 192.168.1.x , DMZ ip = 172.16.1.x and 10.0.0.x network is accessed via router connected on DMZ in which i dont have control.</P><P></P><P>My issue is that remote users want to access 10.0.0.x network but they can't , at the same time they can access DMZ and internal network.</P><P></P><P>I have tried no NAT as below and i removed first line of ACL as well, but the result is same</P><P></P><P>access-list 160 permit ip 10.0.0.0 255.0.0.0 192.168.2.0 255.255.255.0</P><P>access-list 160 permit ip 172.16.1.0 255.255.255.0 192.168.2.0 255.255.255.0<SPAN id="mce_marker"> </SPAN></P><P>nat (dmz) 0 access-list 160</P><P></P><P>i wish to try NATing 192.168.2.x&nbsp; traffic using a DMZ IP addess when packets are destined to 10.0.0.x.</P><P></P><P>can some one suggest me on how to proceed ?</P> Mon, 11 Mar 2019 23:09:00 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907110#M436534 jibsoni 2019-03-11T23:09:00Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907111#M436548 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P> You need to look at a dynamic policy NAT and nating the VPN users to either the DMZ interface or an address within DMZ range which is dedicated to that purpose.</P><P></P><P>Sent from Cisco Technical Support iPad App</P></BODY></HTML> Sun, 20 May 2012 21:44:17 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907111#M436548 ju_mobile 2012-05-20T21:44:17Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907112#M436549 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>You could do a :</P><P>NAT (outside) 1 192.168.2.0 netmask 255.255.255.0 outside</P><P>global (dmz) 1 172.16.1.x</P><P>Can you do a packet-tracer and show us the result of that, this will lead us to a nat or something else issue.</P><P>The No_Nat configuration is perfect.</P><P></P><P></P><P></P><P>Regards,</P><P></P><P>Julio</P><P></P><P> DO rate all the helpful posts</P></BODY></HTML> Sun, 20 May 2012 22:25:46 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907112#M436549 Julio Carvajal 2012-05-20T22:25:46Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907113#M436550 <HTML><HEAD></HEAD><BODY><P>i have attached packet tracer output and the firewall config , kindly look in to that .</P></BODY></HTML> Mon, 21 May 2012 14:08:56 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907113#M436550 jibsoni 2012-05-21T14:08:56Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907114#M436551 <HTML><HEAD></HEAD><BODY><P>Hi all , </P><P></P><P>As <A _jive_internal="true" href="https://community.cisco.com/people/jcarvaja" id="jive-5895074370082025057416" onmouseout="" onmouseover="">jcarvaja</A> sujested i have tried the NAT config but no luck.</P><P></P><P>Please provide me a solution .</P></BODY></HTML> Sat, 26 May 2012 14:18:51 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907114#M436551 jibsoni 2012-05-26T14:18:51Z https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907115#M436552 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Here is what I want you to do now:</P><P></P><P>access-list test permit ip 192.168.2.0 255.255.255.0 10.0.0.0 255.255.255.0</P><P>nat (outside) 10 access-list test outside</P><P>global (dmz) 10 interface</P><P></P><P>Regards,</P><P></P><P>Let me know the result.</P><P></P><P><STRONG>Rate all the helpful posts</STRONG></P></BODY></HTML> Sat, 26 May 2012 21:30:24 GMT https://community.cisco.com/t5/network-security/cisco-remote-vpn-nat-issue/m-p/1907115#M436552 Julio Carvajal 2012-05-26T21:30:24Z