Inbound NAT with SSLVPN?

Unanswered Question
Feb 26th, 2010
User Badges:

We are using AnyConnect Essentials on a 5540 ASA running version 8.2.1

We have set up several VPN groups who are assigned addresses from several different IP address pools; all of this is working fine.

Our issue is that we would like to NAT each group of IP addresses to ONE IP address for all inbound traffic -  (long historical story) and it doesn't seem to work.

Here's the relevant config;

- the VPN terminates on the Outside interface.

-the IP address pool for this particular group is /24

-no split-tunneling enabled

nat (Outside) 25

global (Inside) 25

When I connect to this VPN group I receive and address in the pool, but the address translation to does not happen.

There are no errors.

It's as if the VPN connections are just ignoring the NAT and GLOBAL commands.

Is it not possible to do this or am I missing part of the necessary config?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion