SOURCE NAT FOR SITE TO SITE VPN

htaluja_2
Level 1

We have a VPN between two sites. All traffic (priv. sub - priv. sub) is not NATted. However, I want to be able to source NAT all traffic destined for a specific server and port. Can this be done?

Jon Marshall
Hall of Fame

Hi

Yes, use policy NAT, e.g.

Assuming TCP and that you are translating the source IP addresses to 192.168.5.10:

access-list pnat permit tcp any host "ip address" eq "tcp port"

nat (inside) 2 access-list pnat

global (outside) 2 192.168.5.10

Then what you need to do is update your crypto map access-lists to reference the NATted address, i.e. 192.168.5.10, in addition to what they already reference. Obviously this needs updating at both ends.

HTH

Jon
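
The policy NAT from the reply above with the crypto ACL change it describes written out for both ends, as an added example that is not part of the original post. It assumes PIX/ASA software that uses the nat/global syntax shown in the reply; the subnets, server address, port and the ACL name vpn-acl are constructed for illustration.

```cisco
! Constructed values (assumptions, not from the thread):
!   local inside subnet 10.1.1.0/24, remote subnet 10.2.2.0/24
!   target server 10.2.2.50, tcp port 8443
!   vpn-acl is a hypothetical name for the ACL referenced by the crypto map

! ---------- Local firewall ----------
! Policy NAT: match only the flow to the one server and port,
! and translate its source to 192.168.5.10
access-list pnat permit tcp any host 10.2.2.50 eq 8443
nat (inside) 2 access-list pnat
global (outside) 2 192.168.5.10

! NAT exemption (nat 0 access-list) is matched before policy NAT,
! so this flow must not be permitted by an existing exemption ACL.

! Crypto ACL: the existing subnet-to-subnet entry stays, and the
! translated source is added so the NATted flow is still encrypted
access-list vpn-acl permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list vpn-acl permit ip host 192.168.5.10 host 10.2.2.50

! ---------- Remote firewall ----------
! Mirror image of the local crypto ACL, including the new entry,
! so both peers agree on the protected traffic
access-list vpn-acl permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list vpn-acl permit ip host 10.2.2.50 host 192.168.5.10
```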
