Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with NAT 0

I have a PIx 515 with 3 interfaces.I have a webserver and mail server in the dmz and i'm using to PIX's as a VPN Server.The problem that I'm having is all user on the Internal network can't browse the Internet. I have narrowed it down to nat (inside) 0 command. IF I take the nat out than my VPN client can browse the internal network. Is there away around this problem?

1 REPLY
New Member

Re: Problem with NAT 0

specify the traffic that apply to the nat 0 exactly with an access list

ex:

access-list NO_NAT permit ip src dst

....

nat (inside) 0 access-list NO_NAT

try to be the more specific as you can with this list, so all the other traffic will be changed to internet.

in the case that the vpn client cant see the internal network, be sure to permit with the acl related to inside interface the traffic with dst equal the ip assigned to the vpngroup and dst the network connected inside

Alexis

81
Views
0
Helpful
1
Replies
CreatePlease login to create content