[c-nsp] Cisco ASA - presenting a NAT'd address to a VPN tunnel

Michael K. Smith - Adhost mksmith at adhost.com
Mon Aug 31 14:10:04 EDT 2009


Hello All:

I will be configuring an ASA where the remote-end requirement is that the address presented to them is a globally unique (non-RFC 1918) address.  I *think* this means I have to double NAT.  So, instead of having the 192.168.x.x address presented over the tunnel, it has to be a "real" address.

Has anyone ever configured something like this on an ASA?  I've always used the inside addresses for interesting traffic in the ACL.  Can I use the static, outside address in the tunnel?

Regards,

Mike

--
Michael K. Smith - CISSP, GISP
Chief Technical Officer - Adhost Internet LLC
mksmith at adhost.com
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP: B49A DDF5 8611 27F3  08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090831/eb26c680/attachment.bin>


More information about the cisco-nsp mailing list