Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

different nat groups

Hi all,

we use ip-sec at a pix520, version 6.3.3, for our mobile user to get access on an internal terminal-server. I´ve configurated a nat command like "nat (inside) 0 access-list xyz".

It´s works fine.

Now I have to create an access for an external supporter with ip-sec to an specially server in our LAN. I try to created another nat 0 command with another access-list but it´s overwrite the first nat 0 command. What can I do?

Where is my mistake?

When I see the configuration examples I see that I have to use the "no nat command" but how can I separate the access?

Thx for help.

Helmut

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

Re: different nat groups

Hi Helmut,

You can only associate one access-list when using NAT exemption.

Therefore, the workaround that you can use is to merge the two access-lists into one, and associate that single access-list to the "nat (inside) 0 access-list" command...

Hope that helps ... Pls do remember to rate posts.

Paresh

1 REPLY
Purple

Re: different nat groups

Hi Helmut,

You can only associate one access-list when using NAT exemption.

Therefore, the workaround that you can use is to merge the two access-lists into one, and associate that single access-list to the "nat (inside) 0 access-list" command...

Hope that helps ... Pls do remember to rate posts.

Paresh

96
Views
0
Helpful
1
Replies
CreatePlease to create content