
Issue with NAT, Internet Access and When VPN kicks in

Hi all,

Can I please get help in regard to the following issue?

I have 1xWeb Server in my inside network with an IP address of

Initially I had set up NAT translation as

#ip nat inside source static rrr.rrr.rrr.rrr

#ip nat inside source list 112 pool NATCUSTMER overload

#ip nat inside source list 112 pool NATCUSTMER overload

With the above configuration everything worked perfectly until I established a VPN from our router to WatchGuard. The access list for the VPN was as

#permit ip host host

With this and related VPN configuration, VPN was established successfully but traffic was not flowing across the VPN.

As soon as I break the NAT, the VPN would work, but Internet access and access to this server from the Internet would not work.

To get around this, I assigned the server a second IP address and recreated the NAT as follows

#ip nat inside source static tcp 80 rrr.rrr.rrr.rrr 80 extendable

#ip nat inside source static tcp 443 rrr.rrr.rrr.rrr 443 extendable

NOW is Primary IP of the server and is successfully talking across the VPN and is successfully accepting the connection on these ports.

The problem is this server cannot connect to the Internet now.

I have just put in an access list to allow the Internet, but it did not fix the issue.

#access-list 111 permit ip host any

Can someone assist as to what I am missing, or what I should do for this server to get Internet access without breaking the VPN and existing NAT?

I thought to put some static route on the actual server, but I am sure I might be missing something in the access list.

Thanks in advance for urgent assistance :P,

