06-20-2007 08:01 AM - edited 03-11-2019 03:33 AM
Does anyone know if the new 8.0 release will support a many private addresses to one public address. We have had alot of problems with an older release not supporting this at all. We have clients where we are that access Win and Nortel VPN servers at their home sites. We need to be able to provide these services through the ASA using ports IP 50,51 and UDP 500. All we can have is one public address. Also is there any way to make the connections going through the ASA all look like they have different addresses. That my be impossible but once a GRE tunnel has been established with one of the users the Nortel for example will not let anymore connections connect coming from the same IP. Thanks
06-20-2007 08:05 AM
There is no problem providing these services through the ASA. Nat-t must be used by the devices on the remote end or you must not pat your clients on the inside of the ASA.
06-20-2007 08:55 AM
We have no control on the VPN server side of the house. Only with clients passing through. So are you saying that I should only use NAT and NAT w/ PAT. How would that work?
Thanks
06-20-2007 09:35 AM
It sounded like you were saying it was because of your ASA that clients cannot use nat-t outbound to their respective gateways. The fact is that the ASA has nothing to do with it. If nat-t is not supported on the remote end, there is nothing you can do in the ASA to make it work. The only option is to not nat the clients, which requires public ip addresses, or use one connection at a time.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: