Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA Ipsec - 2 static entry for the same source ip address

Hi Experts,


I have the same scenario as explained in this thread  https://supportforums.cisco.com/thread/2140198

As the solution provided


Configure the ASA1 with Static Policy NAT
access-list L2LVPN-POLICYNAT permit ip host 192.168.1.2 host 10.1.0.2 

static (inside,outside) 10.23.1.2 access-list L2LVPN-POLICYNAT


Now suppose I have a 3rd site  for which same source 192.168.1.2 which is in used for ipsec  want to talk to 10.3.0.2


For which I use the static nat


static (inside,outside) 10.23.1.2 192.168.1.2 netmask 255.255.255.5  (no vpn required for 3rd site )

So my question can both this statments can be configured in same ASA  and will that work simultaniously


1.static (inside,outside) 10.23.1.2 access-list L2LVPN-POLICYNAT

2.static (inside,outside) 10.23.1.2 192.168.1.2 netmask 255.255.255.255

To my knowledge it should work . The first statement will come to effect when its going to the destination 10.1.0.2 only

For rest all traffic from source 192.168.1.2 it wil take the 2nd translation


Please confirm


Thanks

Everyone's tags (5)
2 REPLIES

ASA ipsec with 2 static entry

Hi Nell,

Yes, it should work.

Let me know, how it coming along.

thanks

New Member

ASA Ipsec - 2 static entry for the same source ip address

Thanks Rizwan . I will try and let you know .

480
Views
0
Helpful
2
Replies
CreatePlease to create content