concentrator 3030...I have a local host that needs to access multiple L2L tunnels with different NAT requirements:
I currently have this NAT configured...
source 10.1.1.1/32 static NAT 134.x.x.x/32 destination ANY
I need to configure this NAT...
source 10.1.1.1/32 static NAT 10.99.17.x/32 destination 32.x.x.x/32
Is this possible? I have tried and I get "Source and remote network address
conflict with an existing rule. Either source or remote network address
must be changed". Is the conflict due to the destination ANY of the pre-existing rule?
I thought that since the destination of the rule I need to add is more specific that this
Thanks for your help, Anne
Yes the conflict error that we see is due to the destination ANY of the pre-existing rule. Ideally we need to have more specific static statements in the static rules to have multiple nat for same source. So i would suggest we find out the remote network list for which we need the 1st translation (134.x.x.x/32 ), and apply the static rule(might need more than 1 static rule if multiple remote subnets are the case), and similarly one more for the new static we are looking for (for the destination 32.x.x.x/32 ).
Now on some of the other security appliances, we can have a workaround to our scenario, but i'm not sure if the software version running on your concentrator would support this.
Try to remove the static rule for any (1st statement) and then apply the new rule first (to 32.x.x.x/32). After this apply the original static rule (destination to any). The idea is to have more speific static rule first, and then the general (any) static rule for the rest of the destinations. I suggest you try this in a maintenance window to avoid any impact on users.
Let me know if this helps...