<div>
The IP assigned to the ASA's outside interface can be used for outbound NATing. &nbsp; <br />
<br />
Use the commands:<br />
&quot;global (outside) 1 interface &quot;<br />
&quot;&nbsp;nat (inside) 1 0.0.0.0 0.0.0.0&quot; &nbsp;<br />
<br />

</div>


The IP assigned to the ASA's outside interface can be used for outbound NATing.  

Use the commands:
"global (outside) 1 interface "
" nat (inside) 1 0.0.0.0 0.0.0.0"  



<div>
you should disable NAT altogether for a site-to-site tunnel. <br />
<br />
the commands (making some assumptions on your config):<br />
<br />
nat (inside) 0 access-list inside_nat_outbound<br />
access-list inside_nat_outbound extended permit ip localsubnet netmask remotesubnet netmask<br />
<br />
each ASA would have those commands.
</div>


you should disable NAT altogether for a site-to-site tunnel.

the commands (making some assumptions on your config):

nat (inside) 0 access-list inside_nat_outbound
access-list inside_nat_outbound extended permit ip localsubnet netmask remotesubnet netmask

each ASA would have those commands.

<div>
 Can you please ellaborate a little on why no NAT needed for my servers to communicate? Thanks. 
</div>


Can you please ellaborate a little on why no NAT needed for my servers to communicate? Thanks.

<div>
Yes you are correct the connection is between 2 ASA's. I think I'll use the wizard for this setup before using the CLI to get a clearer picture. 
</div>


Yes you are correct the connection is between 2 ASA's. I think I'll use the wizard for this setup before using the CLI to get a clearer picture.

<div>
<div class="content wysiwyg-content">
hI,<br />
<br />
I'm fairly new to asa natting while using vpn, I was wondering what best practice would be for natting in my case. <br />
I'm thinking one to one static nat since I have 30 usable public ip's and was thinking about using one dedicated to connect to this vendor server. The &quot;outside&quot; ip the My CORP ASA is using can't be used as the natted ip can it? <br />
<br />
I attached a diagram using random ip's<br />
<br />
Thanks<br />
<a href="https://filedb.experts-exchange.com/incoming/2010/02_w08/235567/example-diagram.jpg" target="_blank" class="file-inline" title="example setup (14 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>example-diagram.jpg</a>
</div>
</div>


example-diagram.jpg

hI,

I'm fairly new to asa natting while using vpn, I was wondering what best practice would be for natting in my case. 
I'm thinking one to one static nat since I have 30 usable public ip's and was thinking about using one dedicated to connect to this vendor server. The "outside" ip the My CORP ASA is using can't be used as the natted ip can it? 

I attached a diagram using random ip's

Thanks

Site to Site VPN Nat question

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.