Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

nat issue

While configuring easy vpn in nem mode with asa 5510 and a 1800 SERIES router,it has been said that intersting traffic should not be natted.How does this traffic goes to the internet with private ip addressing if the 2 sites are link by internet ?

example:

access-list no-nat extended permit ip 172.22.1.0 255.255.255.0 172.16.1.0 255.255.255.0

  • WAN Routing and Switching
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: nat issue

The traffic is tunneled so the private IP addressing is never seen on the Internet. So the source and destination IP addresses of the packets when they are the Internet are the outside interface of the ASA and the outside interface of the 1800.

The IP header with the source and destination private IP addresses ie. 172.22.1.x & 172.16.1.x are only visble once the outer IP header has been removed and it is the ASA and 1800 that remove and add the outer IP header.

Jon

1 REPLY
Hall of Fame Super Blue

Re: nat issue

The traffic is tunneled so the private IP addressing is never seen on the Internet. So the source and destination IP addresses of the packets when they are the Internet are the outside interface of the ASA and the outside interface of the 1800.

The IP header with the source and destination private IP addresses ie. 172.22.1.x & 172.16.1.x are only visble once the outer IP header has been removed and it is the ASA and 1800 that remove and add the outer IP header.

Jon

101
Views
0
Helpful
1
Replies
This widget could not be displayed.