Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT explanination

Guys we have a LAN to LAN VPN....one of the client has follwoing IP

name 160.X.X.140 tic

crypto map clientmap 5 set peer 160.X.X.140

tunnel-group 160.X.X.140 type ipsec-l2l

tunnel-group 160.X.X.140 ipsec-attributes

crypto map clientmap 5 match address TIC-VPN-ACL

crypto map clientmap 5 set transform-set ESP-3DES-SHA

access-list TIC-VPN-ACL extended permit ip host 10.1.20.1 host 160.X.X.142 log warnings

So it means that tarffic initiate from our side (correct me if i am wrong)

static (External,Internal) 192.168.1.6 160.X.X.142 netmask 255.255.255.255

can some on explain this NAT statement

1- what does this NAT do if someone from inside network with ip address of 10.X network will it get translated to 192. address

Everyone's tags (1)
1 REPLY
VIP Purple

NAT explanination

This static means that if someone enters the ASA from "External" with a real IP of 160.x.x.142, his source address gets translated to 192.168.1.6. The other way round, if someone comes from "Internal" and wants to reach the "External" destination-address of 192.168.1.6, that destination-address gets translated to 160.x.x.142.

This NAT-rule doesn't specify what to do with your 10.x source-address. For that there is probably another NAT-statement. Look for other "static ..."-commands and also for "nat (Internal) 0 ...".

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

185
Views
0
Helpful
1
Replies
CreatePlease to create content