12-19-2006 02:53 PM
We have a new Cisco 3825 router that we use for site-to-site VPNs. Several of the VPNs need to access the same internal host. On one of the VPNs we are NATing this particular internal host to the outside. On several other VPNs that need access to this same internal host we are not NATing the host to the outside. How do you configure a VPN to NAT an internal host IP to a remote VPN so it doesn't affect other VPNs that need access to the same internal host?
Thanks,
12-20-2006 04:44 AM
I'd have thought that ip nat inside source list would do this for you, identifying the source and destination in the ACL to qualify that specific source IP to that specific destination to be NATed, while the same source to a different destination would not match the ACL and would therefore not be NATed.
12-20-2006 05:26 AM
We were wondering if we would need to do something with route-maps with this?
Thanks,
12-20-2006 06:28 AM
That's correct. That's how we do it. I think it's the only way to do it. The access list associated with the NAT route maps has to deny NATing from the internal node to the far-end internal node but allow NATing when some public node tries to access your publicly accessible internal server.
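Added example, not posted by anyone in this thread: a sketch of the route-map approach described in the replies above, as IOS configuration. Every address, ACL name, route-map name and interface role below is constructed for illustration and would need to match the real topology.

```cisco
! Constructed values, for illustration only:
!   internal host          10.1.1.10
!   translated address     172.16.50.10   (seen by VPN A only)
!   VPN A remote subnet    192.168.100.0/24
!   VPN B remote subnet    192.168.200.0/24 (uses the host's real address)
!
! Translate the host only when the destination is VPN A.
ip access-list extended NAT-TO-VPN-A
 permit ip host 10.1.1.10 192.168.100.0 0.0.0.255
!
route-map RM-NAT-VPN-A permit 10
 match ip address NAT-TO-VPN-A
!
ip nat inside source static 10.1.1.10 172.16.50.10 route-map RM-NAT-VPN-A
!
! Internet PAT: deny VPN-bound traffic first so it is never overloaded,
! then permit everything else from the inside subnet.
ip access-list extended NAT-INTERNET
 deny   ip host 10.1.1.10 192.168.100.0 0.0.0.255
 deny   ip host 10.1.1.10 192.168.200.0 0.0.0.255
 permit ip 10.1.1.0 0.0.0.255 any
!
route-map RM-NAT-INTERNET permit 10
 match ip address NAT-INTERNET
!
ip nat inside source route-map RM-NAT-INTERNET interface GigabitEthernet0/1 overload
!
interface GigabitEthernet0/0
 description inside LAN
 ip nat inside
!
interface GigabitEthernet0/1
 description outside, crypto map applied here
 ip nat outside
!
! Inside-to-outside NAT runs before the crypto map check, so the
! VPN A crypto ACL matches the translated address and the VPN B
! crypto ACL matches the real one.
ip access-list extended CRYPTO-VPN-A
 permit ip host 172.16.50.10 192.168.100.0 0.0.0.255
ip access-list extended CRYPTO-VPN-B
 permit ip host 10.1.1.10 192.168.200.0 0.0.0.255
```

After applying a layout like this, `show ip nat translations` should list the 172.16.50.10 entry only for flows toward the VPN A subnet, while flows to VPN B show no translation.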
12-20-2006 08:14 AM
How many route-map statements do you typically need?
Thanks,