we use ip-sec at a pix520, version 6.3.3, for our mobile user to get access on an internal terminal-server. I´ve configurated a nat command like "nat (inside) 0 access-list xyz".
It´s works fine.
Now I have to create an access for an external supporter with ip-sec to an specially server in our LAN. I try to created another nat 0 command with another access-list but it´s overwrite the first nat 0 command. What can I do?
Where is my mistake?
When I see the configuration examples I see that I have to use the "no nat command" but how can I separate the access?
Thx for help.
You can only associate one access-list when using NAT exemption.
Therefore, the workaround that you can use is to merge the two access-lists into one, and associate that single access-list to the "nat (inside) 0 access-list" command...
Hope that helps ... Pls do remember to rate posts.