Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT incoming vpn's

i am running into problems trying to NAT incoming vpn connections. here are all the outputs that i think would show the problem. if you need more please ask

access-list vpn_nat extended permit ip 192.168.241.0 255.255.255.0 192.168.1.0 255.255.255.0 log

nat (Outside) 1 access-list vpn_nat

but I do not see the hit count increasing on the nat

NAT policies on Interface Outside:

match ip Outside 192.168.241.0 255.255.255.0 Outside 192.168.1.0 255.255.255.0

dynamic translation to pool 1 (207.xxx.xx.xx [Interface PAT])

translate_hits = 0, untranslate_hits = 0

DCP-ASA5520-2# sh vpn-sessiondb remote

Session Type: Remote

Username : remote

Index : 1

Assigned IP : 192.168.241.0 Public IP : 12.xx.xx.xx

Protocol : IPSec Encryption : 3DES

Hashing : MD5

Bytes Tx : 0 Bytes Rx : 3297

Client Type : IOS Client Ver : 12.4(4)T2

Group Policy : remote_sites

Tunnel Group : remote_sites

Login Time : 06:31:29 UTC Thu Mar 29 2007

Duration : 0h:10m:31s

Filter Name :

NAC Result : Unknown

Posture Token:

Here are my pools for the incoming vpn's

ip local pool NAT_VPN_Routers 192.168.1.230-192.168.1.245 mask 255.255.255.0

tunnel-group remote_sites general-attributes

address-pool NAT_VPN_Routers

1 REPLY
New Member

Re: NAT incoming vpn's

Posture Token?Informational text string configurable on the Access Control Server. The ACS downloads the posture token to the security appliance for informational purposes to aid in system monitoring, reporting, debugging, and logging. A typical posture token is Healthy, Checkup, Quarantine, Infected, or Unknown.

116
Views
0
Helpful
1
Replies
CreatePlease to create content