Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Route-lookup for NAT on 8.4.2?

I am not sure why route-lookup is neceserry?

Instead of pointing to documents, is there any actual example when we should configure route-lookup on the end?

For example, I have network 10, everywhere. Also, my VPN users are coming to ASA, and then going out to the Internet.

Inside network: 10.1.0.0/16

DMZ: 10.2.0.0/16

VPN users: 10.250.0.0/16

EZVPN users: 10.251.0.0/16

so, my twice nat looks like this:

obj-10_8

subnet 10.0.0.0 255.0.0.0

obj-ins-net

subnet 10.1.0.0 255.255.0.0

nat (inside,outside) dynamic interface

obj-ins-net

subnet 10.2.0.0 255.255.0.0

nat (outside,outside) dynamic interface

nat (outside,outside) source static obj-10_8 obj-10_8 destination static obj-10_8 obj-10_8

nat (inside, outside) source static obj-10_8 obj-10_8 destination static obj-10_8 obj-10_8

So, nat idea is simple, anytime VPN user tries to access anyone in company, no matter if that is another VPN users, or EZVPN user, it should ne nated to itself.

Is this something where I should be use route-lookup on the end?

Thanks.

329
Views
0
Helpful
0
Replies