NAT explanination

Unanswered Question
Aug 7th, 2012
User Badges:

Guys we have a LAN to LAN of the client has follwoing IP

name 160.X.X.140 tic

crypto map clientmap 5 set peer 160.X.X.140

tunnel-group 160.X.X.140 type ipsec-l2l

tunnel-group 160.X.X.140 ipsec-attributes

crypto map clientmap 5 match address TIC-VPN-ACL

crypto map clientmap 5 set transform-set ESP-3DES-SHA

access-list TIC-VPN-ACL extended permit ip host host 160.X.X.142 log warnings

So it means that tarffic initiate from our side (correct me if i am wrong)

static (External,Internal) 160.X.X.142 netmask

can some on explain this NAT statement

1- what does this NAT do if someone from inside network with ip address of 10.X network will it get translated to 192. address

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Karsten Iwen Wed, 08/08/2012 - 00:37
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

This static means that if someone enters the ASA from "External" with a real IP of 160.x.x.142, his source address gets translated to The other way round, if someone comes from "Internal" and wants to reach the "External" destination-address of, that destination-address gets translated to 160.x.x.142.

This NAT-rule doesn't specify what to do with your 10.x source-address. For that there is probably another NAT-statement. Look for other "static ..."-commands and also for "nat (Internal) 0 ...".

Don't stop after you've improved your network! Improve the world by lending money to the working poor:


This Discussion