I have the config below on my router. I would like to PAT users to the outside interface for internet traffic and NAT them to a NAT pool for a site-to-site VPN. When I add the second NAT statement for the NAT pool, the internet NAT stops working; however, the second NAT works.
Can anyone tell me if the config below should work?
ip nat outside
ip nat inside
ip access-list extended acl_nat
 deny ip 192.168.1.0 0.0.0.255 10.0.0.0 0.255.255.255
 permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended acl_nat2
 permit ip 192.168.1.0 0.0.0.255 host 10.1.1.1
ip nat pool nat_pool 192.168.10.1 192.168.10.10 netmask 255.255.255.0
ip nat inside source list acl_nat interface Ethernet0 overload
ip nat inside source list acl_nat2 pool nat_pool