Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

NAT issues with AnyConnect and ASA 8.3

I have AnyConnect configured on an ASA 8.3.  I'm connecting just fine and pulling an IP address from the pool that I created.  The problem I'm having is I am not seeing any "receive" packets in the AnyConnect details.  I know on the ASA 8.2 and earlier you would use an "Exempt" NAT to do identity translation.  How is that done with 8.3 and later?

1 ACCEPTED SOLUTION

Accepted Solutions

NAT issues with AnyConnect and ASA 8.3

Within 8.3 and later the networks are defined as objects via the use of object groups. These object groups are then referenced within the NAT statement to define both the pre and post NAT (real / mapped) addresses.

object network LOCAL_LAN
subnet 192.168.0.0 255.255.0.0

object network REMOTE_LAN
subnet 172.16.0.0 255.255.0.0

nat (inside,outside) source static LOCAL_LAN LOCAL_LAN destination static REMOTE_LAN REMOTE_LAN
2 REPLIES

NAT issues with AnyConnect and ASA 8.3

Within 8.3 and later the networks are defined as objects via the use of object groups. These object groups are then referenced within the NAT statement to define both the pre and post NAT (real / mapped) addresses.

object network LOCAL_LAN
subnet 192.168.0.0 255.255.0.0

object network REMOTE_LAN
subnet 172.16.0.0 255.255.0.0

nat (inside,outside) source static LOCAL_LAN LOCAL_LAN destination static REMOTE_LAN REMOTE_LAN
New Member

NAT issues with AnyConnect and ASA 8.3

Thank you!!! It's going to take a little time to get used to this new format.

499
Views
0
Helpful
2
Replies
CreatePlease to create content