I want to set up an ipsec gateway for site-to-site connectivity, the gate should support different customers with independent nat statements.
The ipsec gateway should use one public ip address for an outside fvrf, this fvrf or the diffrent customer ipsec tunnels should be mapped to different ivrfs with independent nat statements.
I have problems with the nat statement, because it is not possible to configure the following statement:
ipsec-gw#sh run | in nat
ip nat inside source static 10.79.50.13 10.79.1.1 vrf inside-group001
ip nat outside source static 192.168.1.1 10.79.2.2 vrf inside-group001
Enter configuration commands, one per line. End with CNTL/Z.
ipsec-gw(config)#ip nat inside source static 10.79.43.13 10.79.1.1 vrf inside-group002
% similar static entry (10.79.50.13 -> 10.79.1.1) already exists
Platform is: Cisco 3745 with AIM-VPN/HPII
IOS version: c3745-advsecurityk9-mz.124-25b.bin