Denao,
Have yo tried the NONAT statement in your access lists? I am by no means an
expert, but here's a link to a cisco sample configs. There are a bunch nearthe
bottom about IPsec, NAT and NONAT.
Denao Ruttino wrote:
> I have set up a router that is doing a router-router VPN as well as VPN
> clients coming in. The problem that I am having is with NAT. I need to set
> up 3 or 4 machines on the inside with static NAT translations and when I do,
> it translates all traffic. Is there a way to set this up where the VPN
> traffic does not get translated for these address'? I have used the
> following:
>
> ip nat inside source static 192.8.8.150 192.8.8.150 extendable
> ip nat inside source static 192.8.8.100 200.150.15.22 extendable
> (not real address')
>
> This seems to work except for when I initiate connections from the
> 192.6.6.100 box. That only works 50% of the time.
>
> I do not have this problem on NAT pools as route map statements allow me to
> deny translations by address. I only have this problem on the ones I want
> to assign a specific address to.
>
> Any suggestions would be appreciated.
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
