12-09-2008 08:34 AM - edited 02-21-2020 04:03 PM
Hi,
is there a way to NAT the source ip address of a traffic going towards a specific ipsec peer (not towards internet) ?
If yes, could you pls provide me an example or a url ?
Tks
Ric
12-09-2008 09:00 AM
y.y.y.y = original source address
z.z.z.z = destination address
x.x.x.x = NAT address
access-list policy_nat permit ip host y.y.y.y host z.z.z.z
static (inside,outside) x.x.x.x access-list policy_nat
12-10-2008 12:05 AM
Does this means that NATTing is done before routing and encryption ?
Tks
12-10-2008 08:29 AM
no, the order is :
routing
NAT
encryption
HTH
12-10-2008 09:09 AM
Hi,
Below is the URL that explains this set up in detail
PIX/ASA 7.x and later: Site to Site (L2L) IPsec VPN with Policy NAT (Overlapping Private Networks) Configuration Example
Regards,
Arul
*Pls rate if it helps*
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: