Help with No NAT DMZ and VPN Config.

Answered Question
Mar 10th, 2008

Prior to VPN, we're running with "nonatdmz". Recently, we have been trying to implement VPN solution using "VPNRA"

ASA IOS would only allow you use one "NAT 0" at a time, how do you get around this.

TIA

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

access-list VPNRA extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list VPNRA

I have this problem too.
0 votes
Correct Answer by brettmilborrow about 8 years 10 months ago

You can add more than one line to you nonatdmz access-list: e.g:

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
brettmilborrow Mon, 03/10/2008 - 08:34

You can add more than one line to you nonatdmz access-list: e.g:

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

Actions

This Discussion