I have an ASA 5510 with multiple site-to-site VPNs. I have these global and NAT statements
global (outside) 101 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 101 0.0.0.0 0.0.0.0
This is working fine as is.
I need to load an ATT VPN client on an inside PC to access a number of servers on the ATT network. They have given me a list of ports and servers that this client need to access. See my config (access-list 110)in the attached file -asaconfig.
Seems like in addition to the access list I need a static translation for the PC running the VPN client and these ports should be open to that translated address. As soon as I add the static translation for the inside PC (192.168.1.32 to 22.214.171.124) this inside PC stops being able to access the internet. I have tried adding a second global pool -
global (outside) 102 126.96.36.199-188.8.131.52 and a nat(inside) 102 192.168.1.32 255.255.255.255 but this still does not allow outside access.
Am I wrong in thinking I need a static translation and why does Internet access cease after the translation?
I believe this was a response to someone else's issue.
I have an ASA with a number of site-to-site VPN connections. Inside clients can access the Internet fine. Site-to-site VPN connections are working fine. I want to use an ATT VPN client from inside to access a number of AT&T servers. (Ports 709 for CA server, ESP for IPsec auth, etc.) AT&T does not support UDP encapsulation or NAT-T.
I have tried doing a static translation for the inside PC that has the At&T client loaded and then allowing all IP traffic in to that public translated IP. (I have also allowed protocol 50 and 51.) The result is this PC is now unable to access anything outside. I remove the static and outside access is restored.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...