Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Static nat and vpn issue

I have a static nat for inbound smtp traffic and inbound vpn smtp traffic no longer works even though my access list denys vpn traffic being natted.

Config attached.

Any way around this?


New Member

Re: Static nat and vpn issue

Are you going to use the vpn for SNMP traffic only?

If so take the translation off.

If not would need to see config for remote end also.


New Member

Re: Static nat and vpn issue

Smtp required for both external and vpn access. The issue is that the inbound vpn smtp traffic trys to use the Nat rule and therefore doesnt work.

I cant see anyway around this and it doesnt do it with a pix.

Re: Static nat and vpn issue

You need to do policy routing. This link should help.

New Member

Re: Static nat and vpn issue

I dont see how policy routing or routemaps are going to make any difference because the traffic is still getting forwarded to the same interface ie the dialer interface. Only difference is that it needs to go through the VPN. In the config attached there is an access-list which denys traffic to the vpn from going through the nat translation but for some reason this doesnt apply if there is a static nat applied.