03-10-2008 08:12 AM
Prior to VPN, we're running with "nonatdmz". Recently, we have been trying to implement VPN solution using "VPNRA"
ASA IOS would only allow you use one "NAT 0" at a time, how do you get around this.
TIA
access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0
nat (Inside) 0 access-list nonatdmz
access-list VPNRA extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0
nat (Inside) 0 access-list VPNRA
Solved! Go to Solution.
03-10-2008 08:34 AM
You can add more than one line to you nonatdmz access-list: e.g:
access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0
access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0
nat (Inside) 0 access-list nonatdmz
03-10-2008 08:34 AM
You can add more than one line to you nonatdmz access-list: e.g:
access-list nonatdmz extended permit ip any 192.168.100.0 255.255.255.0
access-list nonatdmz extended permit ip 172.0.0.0 255.0.0.0 10.17.70.0 255.255.255.0
nat (Inside) 0 access-list nonatdmz
03-10-2008 09:33 AM
I'll try it.
Thanks,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: