I have a VPN tunnel with the following configuration:
access-list DMZ_nat_static extended permit ip host [actual DMZ IP] host [Remote IP]
access-list Outside_3_cryptomap extended permit ip host [one of my outside IP's] host [Remote IP]
static (DMZ,Outside) [one of my outside IP's] access-list DMZ_nat_static
crypto map Outside_map 3 match address Outside_3_cryptomap
crypto map Outside_map 3 set peer REMOTE GATEWAY IP
crypto map Outside_map 3 set transform-set ESP-3DES-MD5
tunnel-group REMOTE GATEWAY IP type ipsec-l2l
tunnel-group REMOTE GATEWAY IP ipsec-attributes
pre-shared-key *
I have the tunnel created but the remote user cannot connect to my host at the [one of my outside IP's]. So I guess my question is whether this should be working or am I missing something? I am wondering if the NAT that I have is one way or is it both?