ASA Upgrade to 8.4 broke my VPN's

ciunetworks · ‎04-04-2011

I just upgraded our ASA to ASA 8.4 and ASDM 6.4 and it broke my VPN's. I think I have narrowed it down the the NAT (PAT) Exceptions. On previous version of the ASA I could add a NAT RULE Exception and now I don't have that option... In the CLI I use to add

nat (inside) 0 access-list inside_nat0_outbound

where inside_nat_outbound was my access list containing my VPN subnets.
Now I get that an error "ERROR: This syntax of nat command has been deprecated."

How can I exclude my VPN IP's from the Nat Rule in 8.4?

Any Help is greatly appriciated

Jennifer Halim · ‎04-04-2011

Here is the format:

Example with the following subnets:

Local subnet: 10.10.10.0/24

Remote subnet: 20.20.20.0/24

object network obj-10.10.10.0

subnet 10.10.10.0 255.255.255.0

object network obj-20.20.20.0

subnet 20.20.20.0 255.255.255.0

nat (inside,outside) source static obj-10.10.10.0 obj-10.10.10.0 destination static obj-20.20.20.0 obj-20.20.20.0

Hope that helps.