Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
596
Views
0
Helpful
1
Replies

Per tunnel NATTING on Cisco ASA

mohsin.khan
Level 3
Level 3

‎04-13-2011 05:30 AM

Is it possible to NAT a single Source IP to different IPs on per VPN tunnel?For instance, if 10.10.10.10/32 is server IP, and we want to nat this IP to 192.169.1.10/32 to VPN tunnel-x and 172.18.1.10/32 to VPN tunnel-y. It would be greatful if you could share the config.

regards

Mohsin

Labels:
0 Helpful
1 Reply 1

Shrikant Sundaresh
Cisco Employee
Cisco Employee

‎04-13-2011 06:00 AM

Hi Mohin,

You could try something like this:

access-list nat_for_tunnel_x permit ip host 10.10.10.10

static (inside,outside) 192.169.1.10 access-list nat_for_tunnel_x

access-list nat_for_tunnel_y permit ip host 10.10.10.10

static (inside,outside) 172.18.1.10 access-list nat_for_tunnel_y

So we basically created two static policy NAT rules, which do the nat keeping in mind which network the server would be communicating with.

Hope this helps.

-Shrikant

P.S.: Please mark the question as answered, if it has been resolved. Do rate helpful posts. Thanks.

0 Helpful
Customers Also Viewed These Support Documents