Cisco Support Community
New Member

Nat

While configuring Easy VPN in NEM mode with an ASA 5510 and a 1800 series router, it has been said that interesting traffic should not be NATted. How does this traffic go to the Internet with private IP addressing if the 2 sites are linked by the Internet?

What is this access list's role?

access-group OUT in interface outside

example: See file attached

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Nat

Hello Kouferidji,

The scenario could describe the need to avoid NATting traffic that has to go through the IPsec tunnel:

LAN-to-LAN traffic has to travel inside IPsec packets and doesn't need to be NATted.

When accessing the Internet it has to be NATted, as you observe.

access-list no-nat extended permit ip 10.10.10.0 255.255.255.0 192.168.10.0 255.255.255.0

Net 192.168.10.0 is the LAN behind the 871; see the drawing.

Hope to help

Giuseppe
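
Added example, not part of the original thread: a small Python check that parses the `no-nat` ACL line quoted above and reports which flows would bypass NAT and which would be translated. It assumes the ACL is bound as the NAT-exemption list on the ASA and that unmatched flows fall through to ordinary NAT; the sample flows and the function names are constructed for illustration.

```python
import ipaddress

# ACL line quoted in the answer above (ASA syntax: network followed by netmask).
NO_NAT_ACL = [
    "access-list no-nat extended permit ip 10.10.10.0 255.255.255.0 192.168.10.0 255.255.255.0",
]

def take_network(tokens):
    """Consume one address spec ('any', 'host A' or 'NET MASK') from the token list."""
    word = tokens.pop(0)
    if word == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if word == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{word}/{tokens.pop(0)}")

def parse_acl(lines, name):
    """Return [(action, src_net, dst_net)] for the 'extended ... ip' entries of ACL `name`."""
    entries = []
    for line in lines:
        tokens = line.split()
        if len(tokens) < 7 or tokens[:3] != ["access-list", name, "extended"] or tokens[4] != "ip":
            continue
        rest = tokens[5:]
        src = take_network(rest)
        dst = take_network(rest)
        entries.append((tokens[3], src, dst))
    return entries

def nat_decision(entries, src, dst):
    """First match wins. Assumption: a permit exempts the flow from NAT (it enters the
    tunnel with its private addresses); a deny or no match leaves it to ordinary NAT."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in entries:
        if s in src_net and d in dst_net:
            return "exempt" if action == "permit" else "translate"
    return "translate"

if __name__ == "__main__":
    acl = parse_acl(NO_NAT_ACL, "no-nat")
    # Constructed sample flows: LAN-to-LAN, LAN-to-Internet, and a source outside the ACL.
    flows = [("10.10.10.25", "192.168.10.7"), ("10.10.10.25", "198.51.100.10"), ("10.10.20.5", "192.168.10.7")]
    for src, dst in flows:
        print(f"{src} -> {dst}: {nat_decision(acl, src, dst)}")
```

The third flow is the case worth auditing: a source subnet missing from the exemption ACL is translated even though its destination is the remote LAN.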
