What I am trying to do is take all traffic from the 192.168.226.X network and pass it onto the 192.168.225.X network. But what I also want is for the traffic from 192.168.226.X destined for the 172.X.X.X network to be natted. But as my configs are now the only ips I can access from the 192.168.226.X network is the 172 subnet. Any pointers would be greatly appreciated.

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname SFS-VPN-Router

!

boot-start-marker

boot-end-marker

!

enable secret xxx

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

!

ip cef

ip audit po max-events 100

!

!

interface Ethernet0

description VPN interface

ip address 192.168.226.1 255.255.255.0

ip nat inside

full-duplex

!

interface FastEthernet0

description SFS interface

ip address 192.168.225.241 255.255.255.0

ip nat outside

speed 100

full-duplex

!

ip nat inside source route-map nat interface FastEthernet0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.225.123

ip route 172.18.11.13 255.255.255.255 192.168.225.3

ip route 172.18.91.143 255.255.255.255 192.168.225.3

ip route 172.29.53.144 255.255.255.255 192.168.225.3

ip route 172.29.53.145 255.255.255.255 192.168.225.3

no ip http server

no ip http secure-server

!

!

access-list 101 deny ip any 192.168.225.0 0.0.0.255

access-list 101 permit ip any any

!

route-map nat permit 10

match ip address 101

!

!

line con 0

line aux 0

line vty 0 4

password xxx

login