02-05-2015 12:56 PM
I am new to the Cisco ASA, having used the Nortel Contivity VPN routers for years. I need to NAT an inside host for a particular VPN tunnel to a support vendor. I have created NAT objects, but I now realize that they are NAT for everyone and not just this particular VPN tunnel.
How do I limit my NAT'ing to a particular VPN tunnel?
Thank you in advance,
Stewart Rae
02-06-2015 08:56 AM
A lot of times, I'll see partners use a sole 5505 for a new site to site connection...probably for this reason.
Depending on what ASA version your device is running, you may be able to use twice NAT -- that will NAT the traffic based on source and destination, independently of, say, a packet from the same source destined for another location.
02-09-2015 01:56 AM
Hello, Stewart Rae.
Can you show the ACL for your NAT rules? I think you used an ACL based on the source with any destination. Just change the rules in this ACL to lines with the source of your network and the destination behind the VPN.
Best Regards.
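
The twice NAT approach suggested in the replies above, shown as an added configuration example that is not part of the original thread. It assumes ASA software 8.3 or later; every object name, ACL name and address is a constructed placeholder (RFC 1918 and RFC 5737 ranges).

```text
! Added example; all object names and addresses are constructed placeholders.
! Assumes ASA software 8.3 or later (twice NAT / manual NAT syntax).

! Before: object (auto) NAT. The host is translated for every destination
! reached through the outside interface, not only the vendor tunnel.
object network INSIDE-HOST
 host 10.1.1.50
 nat (inside,outside) static 192.0.2.50

! After: remove the object NAT, then add a twice NAT rule that translates
! the host only when the destination is the vendor's network.
object network INSIDE-HOST
 no nat (inside,outside) static 192.0.2.50
object network INSIDE-HOST-MAPPED
 host 192.0.2.50
object network VENDOR-NET
 subnet 198.51.100.0 255.255.255.0
nat (inside,outside) source static INSIDE-HOST INSIDE-HOST-MAPPED destination static VENDOR-NET VENDOR-NET

! The crypto ACL for the tunnel matches the mapped (post-NAT) address,
! because the ASA translates before it selects traffic for encryption.
access-list VENDOR-CRYPTO extended permit ip host 192.0.2.50 198.51.100.0 255.255.255.0
```

Traffic from the same host to any other destination no longer matches a translation rule for 192.0.2.50, so the mapped address is exposed only to the vendor's network. `show nat detail` lists the rule with hit counts, which confirms that only vendor-bound traffic is being translated.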