
Double NAT?

Status
Not open for further replies.
Sep 21, 2004
105
US
I have a customer that has an IP Pool NAT assigned to all incoming VPN connections. He would like all VPN connections destined for a certain IP address with the source of Telnet to be hide NATted. Can someone please explain if this is possible?
 
Yes, it is possible. You need to create a manual NAT rule which says Source (NAT range) Destination (Server) Service (Telnet) to Source (Hidden Range) Destination (Server) Service (Telnet).

Hope that makes sense!
 
I tried that initially and it did not work. I was told it has something to do with the way IP Pool NATs work. As I understand it, once a match is made for a NAT rule (in this case the IP Pool NAT in the FW object), the rest of the NAT rules are not read (which would be where the manual NAT rule would reside).
This works much like the access rules work. Once a match is found, the kernel does not continue parsing the rest of the rulebase.
 