Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PIX with multiple NAT 0 statements

Hello,

I have PIX 6.0 with IPSec support. I have nat 0 statement with access lists between dmz and inside interface. Now, I want to introduce VPN client configuration. In order to do that, I need to have nat 0 statement. Is it possible to have more than one nat 0 statement with differnet access lists, or I should add access lists entries at the end of exisiting access list.

3 REPLIES
Community Member

Re: PIX with multiple NAT 0 statements

NAT 0 statement - I wanted to do the exact same thing. The only recourse was to add to my existing access list.

Community Member

Re: PIX with multiple NAT 0 statements

And, when you add entry to your existing list, is everything OK? I mean, in the same time you have your traffic encrypted and your old access list is working ?

Community Member

Re: PIX with multiple NAT 0 statements

You can only have one nat 0 statement but you can have multiple nat statements. e.g.

nat (inside) 0 access-list ipsec

nat (inside) 1 172.27.0.0 255.255.0.0 0 0

access-list ipsec permit ip 172.27.0.0 255.255.0.0 172.16.0.0 255.255.0.0

access-list ipsec permit ip 172.27.0.0 255.255.0.0 172.18.0.0 255.255.0.0

Hope this helps.

319
Views
0
Helpful
3
Replies
CreatePlease to create content