Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Many to one - NAT in ASA

I have a requirement to allow 11 internal hosts to access an FTP server through a site to site VPN tunnel. The other side wants to see a public IP address that is not the peer address (outside interface). I?ve been unable to make a NAT that will translate multiple IP?s to a single outside address. Is this possible on an ASA5520, and if so can you point me in the right direction?


Re: Many to one - NAT in ASA

You will need to use policy nat, probably with an ACL. This link should help.

New Member

Re: Many to one - NAT in ASA

Thank you. This document was also very informative.

Re: Many to one - NAT in ASA

Hi .. you need to use PAT with an access-list


nat (inside) 10 access-list FTP_Access

access-list FTP_Access extended permit tcp eq ftp

global (outside) 10 netmask

You also need to make sure you allow that access on any access list applied to the inside interface .. now I am not sure whether you will be able to get this traffic throught the VPN tunnel ..

I hope it helps .. please rate it if it does !!!

New Member

Re: Many to one - NAT in ASA

Thank you. That's just what I needed.

CreatePlease login to create content