Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT explanination

Guys we have a LAN to LAN of the client has follwoing IP

name 160.X.X.140 tic

crypto map clientmap 5 set peer 160.X.X.140

tunnel-group 160.X.X.140 type ipsec-l2l

tunnel-group 160.X.X.140 ipsec-attributes

crypto map clientmap 5 match address TIC-VPN-ACL

crypto map clientmap 5 set transform-set ESP-3DES-SHA

access-list TIC-VPN-ACL extended permit ip host host 160.X.X.142 log warnings

So it means that tarffic initiate from our side (correct me if i am wrong)

static (External,Internal) 160.X.X.142 netmask

can some on explain this NAT statement

1- what does this NAT do if someone from inside network with ip address of 10.X network will it get translated to 192. address

Everyone's tags (1)
VIP Purple

NAT explanination

This static means that if someone enters the ASA from "External" with a real IP of 160.x.x.142, his source address gets translated to The other way round, if someone comes from "Internal" and wants to reach the "External" destination-address of, that destination-address gets translated to 160.x.x.142.

This NAT-rule doesn't specify what to do with your 10.x source-address. For that there is probably another NAT-statement. Look for other "static ..."-commands and also for "nat (Internal) 0 ...".

Don't stop after you've improved your network! Improve the world by lending money to the working poor:

CreatePlease to create content