Cisco Support Community

PIX nat(inside) 0 - Multiple ACL Problems

Hi All,

Got a scenario like this:

WAN with 10 sites - wireless ethernet.

I put a PIX 515E at Head Office and another one at Branch A. I have to do a nat (inside) 0 for 2 hosts (server and voip PBX) so that they are accessible over the WAN using their assigned IPs.

Now, when I do a site-site IPSEC VPN between PIX at Head Office and PIX at Branch A, I use a nat (inside) 0 statement to specify interesting VPN traffic from Head Office to Branch A LAN. The VPN comes up fine BUT, the other sites on the WAN can no longer access the 2 hosts (server and VOIP PBX).

When I remove the ACL for VPN traffic and put that of the 2 hosts (server and VOIP PBX), the WAN comes back on but the VPN definitely goes down.

So, how do I set up the VPN without troubling the server and VoIP PBX?

Attached is my config at Head Office (relevant lines for nat, isakmp-ipsec and ACLs)

Thanks in advance,

