Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help with No NAT DMZ and VPN Config.

Prior to VPN, we're running with "nonatdmz". Recently, we have been trying to implement VPN solution using "VPNRA"

ASA IOS would only allow you use one "NAT 0" at a time, how do you get around this.

TIA

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

access-list VPNRA extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list VPNRA

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Help with No NAT DMZ and VPN Config.

You can add more than one line to you nonatdmz access-list: e.g:

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

2 REPLIES
New Member

Re: Help with No NAT DMZ and VPN Config.

You can add more than one line to you nonatdmz access-list: e.g:

access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0

access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0

nat (Inside) 0 access-list nonatdmz

New Member

Re: Help with No NAT DMZ and VPN Config.

I'll try it.

Thanks,

105
Views
0
Helpful
2
Replies
CreatePlease login to create content