Solved

ASA NAT

Posted on 2009-04-09
1
568 Views
Last Modified: 2013-11-16
I have a client that I terminated a VPN into yesterday.  Typical network-to-network VPN.  I can ping the private side of his vpn just fine, but he is trying to get me access to hosts on different networks that are routed through his network somewhere.

Bottom line, I want him to create a NAT rule on the ASA to basically say the following:

Any traffic coming from 172.30.60.0/24 (my network) to NAT out the inside interface of 192.168.237.1 (his LAN1 interface) to anything beyond his router.
0
Comment
Question by:dtadmin
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24107352
I didn't quite follow the question.....

If you want to reach other hosts through that VPN, you would 1st need to add those Host IPs to the nonat and crypto maps so that traffic is caught in the VPN as well.  The far site would need to add the same pattern on their code as well.  This would depend on how many hosts to route.    You could add the entire subnet range to the nonat or multiple subnets for that matter, just as long as the other admin matches what you add.    

If this isn't the answer you were looking for, then I ask for a little clarification on the question.


0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now