Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

nonat sintax for ASA version 9.1

Hello friends!

I am trying to perform a Lan-to-Lan VPN, but I am having some issues about the nonat rule. Could anybody help me to figure out how to complete this task about separating my interesting traffic from my Internet traffic through the nonat rule?

Regards!

Local LAN: 192.168.0.0/24

Remote LAN: 10.0.0.0/8

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Sure, something like this

Sure, something like this will work for you:

object network local_lan

 subnet 192.168.0.0 255.255.255.0

object network remote_lan
 subnet 10.0.0.0 255.0.0.0

nat(inside,outside) source static local_lan local_lan destination static remote_lan remote_lan

You'll need all the other VPN bits, especially an access-list with those subnets tied to the VPN crypto map.

2 REPLIES
Hall of Fame Super Silver

Sure, something like this

Sure, something like this will work for you:

object network local_lan

 subnet 192.168.0.0 255.255.255.0

object network remote_lan
 subnet 10.0.0.0 255.0.0.0

nat(inside,outside) source static local_lan local_lan destination static remote_lan remote_lan

You'll need all the other VPN bits, especially an access-list with those subnets tied to the VPN crypto map.

New Member

Thank you so much for your

Thank you so much for your help Marvin,

I clearly understand about the access-list with my interesting traffic. Wish me luck!

Have a great day!

Regardas,

108
Views
0
Helpful
2
Replies
CreatePlease to create content