Hi All,
We have a number of Cisco 3000 Concentrators which are doing VPN beautifully. But at a couple sites we want to enable NAT for the PCs inside.
I've tried everything to get NAT working out and the best i can get is to ping out. No surfing and no ftp access.
I've added three rules as per the docs but I still cant' get it to work:
---------------------------
You can configure a maximum of 10 NAT rules. A typical system might have three rules:
Provide FTP Proxy services for all private network addresses.
Map TCP/UDP ports in packets to and from all private network addresses.
Translate IP addresses for protocols that do not use ports (No Port Mapping).
-----------------------
I've tried adding them in different orders but doesn't seem to take effect. Where am I going wrong??
I'm sure i've got my subnet mask and stuff OK because when i enable the 'No Port mapping' ping suddendly starts to work. I'm baffled as to why the other two don't.
Any ideas or pointers to something i can read to understand what's going on?
Thanks
Matthew