Policy NAT for traffic coming from VPN L2L

[lecarbajal]

Hi,



Im trying to configure a policy nat for traffic coming from a VPNL2L. I would like to know if this scenario is supported on a Cisco ASA IOS version 9.1(2)



We have a VPN L2L for different customers, one of them has an overlaping with our internal network, we need to nat a specific host from their network to an inside private ip



Interestering traffic

source (this is the network from customer)

10.10.10.0/24

10.10.20.2/32



destination (this network is in our end) - inside interface of our firewall

20.20.20.0/24

NAT IP address 20.20.30.2



I has been trying to nat this host 10.10.20.2/32 to 10.10.20.2/32 using:



object network obj-10.10.20.2

host 10.10.20.2

object network obj-20.20.30.2

host 20.20.30.2

object network obj-20.20.20.0

subnet 20.20.20.0



nat (outside,inside) source static obj-10.10.20.2 obj-20.20.30.2 destiation static obj-20.20.20.0 obj-20.20.20.0



but the translation is not working., there are no hits for nat (outside,inside)



There is no ACL on the interfaces ( there are only 2: inside security level 100, outside security level 0)



Thanks.



Luis.