I would like to know if I can use multiple NAT 0 statements for the same interface e.g inside interface.
Presently I am already using a nat (inside) 0 statement with an access list. Now I want to implement a site to site vpn. So I want the new access-list also not to be natted for the vpn traffic.
Please let me know.
You can have as many as you like. You can mix and match nat 0 access-list and nat 0 ip.address.block.here subnet.mask.goes.here style statements as well
nat 0 access-list is a true nat exemption, and is probably the best practice. Its probably cleanest to maintain one access-list for use for one nat 0 command statement
Just wanted to confirm.if the following will work ?
nat (inside) 0 access-list 100
nat (inside) 0 access-list 110
nat (inside) 0 access-list 120