Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
1
Replies

no-NAT scenario with ASA as vpn endpoint--help!

mjsully
Level 1
Level 1

‎03-12-2009 06:45 PM - edited ‎03-11-2019 08:04 AM

I'm setting up a pair of ASA firewalls that will exclusively be used as VPN endpoints for about 75 tunnels. All traffic passing through it will be VPN traffic, to which none of it needs to be NAT'd. I'm running version 8.x on the ASAs. Nat-control is disabled. My question is, without the need to NAT, do I have to put in any no-nat config or will the ASA simply pass the traffic as is? And if I am required for a no-nat statement, is below what I need to make it work:

access-list no-nat permit ip any any

nat (inside) 0 access-list no-nat

I don't want to add any unnessary config. Can anyone verify for sure whether or not I need to do anything?

Labels:
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎03-12-2009 08:02 PM

Without nat-control you should not have a problem as long as there is no nat statements at all, your nat statement however should be ok in case you need it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card