	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.6

Cisco ASA: NAT exemptions required for VPNs?

Asked by shanepresley in Virtual Private Networking (VPN), Cisco PIX Firewall, Miscellaneous Security

Tags: Cisco ASA VPN NAT

I have two Cisco ASA's, that were originally built by different people. On asa1, when I build a new VPN (site to site or remote access), I need to go to Firewall | NAT Rules, and add a "NAT Exempt rule". The source is my networks, destination is the remote networks, and action is "NAT Exempt outbound traffic ..."

However, on asa2, there are no NAT rules, and VPNs can be built (and work) without adding NAT Exempt rules.

Both have identical interface layouts, with the internal interface having a 100 security level, and the public 0.

My question is, what do the NAT exempt rules do, and why are they required on one ASA and not the other? Thanks!

View the Solution FREE for 30 Days

Related Solutions

Keywords: Cisco ASA: NAT exemptions required…

	Title
1	Cisco ASA VPN Configuration Issue
2	VPN configuration on ASA 5505
3	ASA 5505 VPN
4	Cisco ASA 5505 VPN connection n…
5	Cisco VPN Client Software Cant conne…
6	Need Help with allowing VPN traffic thr…

Loading Advertisement...

20091021-EE-VQP-81 - Hierarchy / EE_QW_3_20080625

Hall of Fame

1. RobWill364,394
2. arnold197,721
3. MikeKane197,312
4. JFrederic...170,047
5. bignewf168,320
6. Qlemo140,915
7. lrmoore138,305
8. ikalmar110,182
9. dpk_wal89,572
10. deimark79,485
11. 3nerds72,036
12. asavener54,580
13. jodylemoine46,900
14. geergon36,385
15. Quori34,527
16. RPPreacher34,355
17. ccomley33,840
18. Roachy1...33,822
19. uetian170733,444
20. MrHusy32,838
21. PeteLong30,854
22. SysExpert30,361
23. giltjr30,241
24. alanhardisty27,978
25. mitrushi27,480

1. RobWill2,021,679
2. lrmoore1,323,628
3. batry_boy467,701
4. arnold359,804
5. dpk_wal265,644
6. JFrederic...242,427
7. MikeKane228,592
8. Qlemo226,232
9. grblades218,409
10. bignewf183,320
11. rsivanandan183,296
12. MrHusy128,332
13. TechSoEasy122,268
14. mwecom...120,329
15. PeteLong116,920
16. keith_ala...115,514
17. SysExpert114,141
18. calvinetter112,805
19. ikalmar110,182
20. Voltz-dk98,355
21. deimark93,160
22. Cyclops3...90,587
23. RPPreacher79,980
24. tim_holman75,964
25. 3nerds72,036

Cisco ASA: NAT exemptions required for VPNs?

Asked by shanepresley in Virtual Private Networking (VPN), Cisco PIX Firewall, Miscellaneous Security

Tags: Cisco ASA VPN NAT

About this solution