I configure the VPN IPsec and NAT feature on the same router. I would that traffic which going to my site via VPN shouldn't be nating but traffic to Internet should. How I should configure my router to resolve problem?
ip nat inside source route-map nonat interface Dialer0 overload
access-list 101 deny ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 130 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 140 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
route-map nonat permit 10
match ip address 101
in particular, the route-map nonat and the acl 101 addresses your issue. the first two entries specifies no nat with packet destined for the vpn peer site and the remote vpn client pool; and the third entry specifies the pix to pat the rest of the traffic.
I have situation like this I have looback 0 interface where i put ip nat inside and remote access VPN client. When I ping host A from the inside ip address of looback 0 interface (10.0.1.1) via extanded ping NAT works fine. But after established VPN connection between VPN remote client and server and from PC I ping the same host A NAT not work. I sniff traffi on the host A and I see IP address from network 10.0.1.0/24.
How inthis situation I must configure NAT? I want also that PC wiche connect and esatblish VPN tunel to router can ping host A but from ip nay outside interface (overload on fa0/0 example 192.168.1.1) not form IP from local pool which router give him.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...