Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN's and Nating

We have a new cisco 3825 router that we use for site-to-site vpn's. Several of the vpn's need to access the same internal host. On one of the VPN's we are nating this particular internal host to the outside. On several other VPN's that need access to this same internal host we are not nating the host to the outside. How do you configure a VPN to nat an internal host ip to a remote VPN so it doesn't effect other VPN's that need access to the same internal host?

Thanks,

4 REPLIES
New Member

Re: VPN's and Nating

I'd have thought that ip nat inside source list would do this for you, identifying the source and destination in the ACL to qualify for that specific source IP to that specific destination be NAT, while the same source to a different destination would not match the ACL and would therefore not be NAT.

New Member

Re: VPN's and Nating

We were wondering if we would need to do something with route-maps with this?

Thanks,

New Member

Re: VPN's and Nating

That's correct. That's how we do it. I think it's the only way to do it. The access-list associated with the NAT route maps have to deny NAT'ing from internal node to far end internal node but allow NAT'ing when some public node tries to access your publicly accessible internal server.

New Member

Re: VPN's and Nating

How many route-map statements do you typically need?

Thanks,

125
Views
0
Helpful
4
Replies
CreatePlease login to create content