Solved

PIX site to site VPN NAT question

Posted on 2007-03-29
1
282 Views
Last Modified: 2010-04-09
When trying to set up a new site to site VPN on our Cisco PIX 506E
a basically copied the settings of the current vpn.

all the setting i copied and changed then added to the config worked except this one...

the origional settings were...

nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

so i copied the first bit to represent the new access-list i had created.
and then added this...

nat (inside) 2 access-list inside_outbound_nat1_acl

it added without problem in the CLI but in the PDM it came up with this causing an error.

Can someone tell me whats wrong?

Thanks
0
Comment
Question by:chouckham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 10

Accepted Solution

by:
Sorenson earned 500 total points
ID: 18815514
nat (inside) 0 specifies an access-list that skips that outbound NAT application.
The access-list tied to it should specify the VPN partners ip subnets, etc.  You will need to add the lines to the inside_outbound_nat0_acl, to specify your inside addresses and the new sites inside ip addresses.

specifying any other number after the nat (inside) matches it to a specific "global" command that sets the external nat address(s) to be used.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Error after upgrade of 3850s 15 95
Password recovery 2950 is Deleting configuration Why 8 63
VPN - Site to Site  not decapsulating (ASA-Sophos XG85) 1 32
Cisco 3650x ACL 8 50
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question