RA VPN Error

Unanswered Question
May 10th, 2007
User Badges:

Hi Gents,

I have configured 2xRA VPN connections.

ip local pool inside_pool mask

ip local pool dmz_pool mask

I have acl restrictions for both pool. Inside_pool has access to inside network:

for instance

It is working fine.

DMZ_pool has access to dmz servers.

But it doesn't work.

I can manage connecting by RA VPN(dmz_pool). But i can't reach the servers in DMZ. I saw in logs that "no translation group found for outside ip "

Is it normal that ASA asking me about NAT configuration for OUTSIDE?

I do the same for inside_pool, except that access goes to inside interface,not to dmz interface.It is working fine without any nat translation requirements.

Any comments will be appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mfreijser Thu, 05/10/2007 - 03:18
User Badges:
  • Bronze, 100 points or more

A nonat access-list from the DMZ to the OUTSIDE should do the trick:


access-list nonat_dmz permit ip

nat (dmz) 0 access-list nonat_dmz


Note that this will no affect any statics already created for the DMZ-subnet!

Please rate if the post helps!




This Discussion