We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Cisco Router NAT setup

Medium Priority
Last Modified: 2012-05-06
HI guys,
I have a network that is connected via site to site VPN's using BDSL internet connections and Cisco 1812 Routers.

I have set up static NAT entries on each router so users can access their terminal servers from home, however with this entry in place, users on other subnets cannot connect to the terminal server on other subnnets.

IE  one subnet is connected via VPN to subnet
On the router for the subnet, i have a static NAT entry, linking the terminal server ( to the outside interface.  
Users outside our network can connect through nat, however users on the subnet cannot connect with this NAT entry in place. If i take the entry out, all users on all subnets can connect again (obviously external users cannot)

I am thinking i need to set up an access list for the NAST setup, but am not really sure.

Thanks in advance!
Watch Question

I think I understand the problem.

With the static NAT in place external users can connect, to be expected, but VPN users cannot.  This indicates the NAT statement is being used in preference to the site to site VPN config.

If you configure route map based NAT'ing I think it should sort you out.  Have a look at the following to get an idea what you may need:


Basically, you want to match when a user from is accessing the server and not NAT so the traffic traverses the VPN, but do NAT when anyone else accesses the server.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.