Re: ASA Nat problem from Christopher Copley on 2011-09-21 (Ccielab archives 09/2011)

From: Christopher Copley <copley.chris_at_gmail.com>
Date: Wed, 21 Sep 2011 21:42:58 -0400

Thanks, I will try that. I knew I had to be missing some thing stupid.

Chris

On Wed, Sep 21, 2011 at 9:40 PM, Ryan West <rwest_at_zyedge.com> wrote:

> Yup, that should do it.****
>
> ** **
>
> -ryan****
>
> ** **
>
> *From:* Christopher Copley [mailto:copley.chris_at_gmail.com]
> *Sent:* Wednesday, September 21, 2011 9:39 PM
> *To:* Ryan West
> *Cc:* ccielab_at_groupstudy.com
>
> *Subject:* Re: ASA Nat problem****
>
> ** **
>
> I bet I am missing this...****
>
> ** **
>
> nat (DMZ2) 0 access-list NO-NAT****
>
> ** **
>
> Is that it?****
>
> ** **
>
> On Wed, Sep 21, 2011 at 9:35 PM, Ryan West <rwest_at_zyedge.com> wrote:****
>
> On Wed, Sep 21, 2011 at 21:10:55, Christopher Copley wrote:
> > Subject: ASA Nat problem****
>
> > global (OUTSIDE) 1 interface
> > nat (DMZ1) 0 access-list NO-NAT****
>
> Think about what you might be missing here.****
>
>
> > nat (DMZ1) 1 0.0.0.0 0.0.0.0
> > nat (DMZ2) 1 0.0.0.0 0.0.0.0
> >
> >
> > access-list VPNSITE1 extended permit ip object-group DMZ1-NET object-
> > group
> > VPN-SITE1
> > access-list VPNSITE2 extended permit ip object-group DMZ2-NET object-
> > group
> > VPN-SITE2
> >
> > access-list NO-NAT extended permit ip object-group DMZ1-NET
> > object-group
> > VPN-SITE1
> > access-list NO-NAT extended permit ip object-group DMZ2-NET
> > object-group
> > VPN-SITE2
> >****
>
> -ryan****
>
>
>
> ****
>
> ** **
>
> --
> Christopher D. Copley****
>
> copley.chris_at_gmail.com****
>
> ** **
>
> ** **
>

-- 
Christopher D. Copley
copley.chris_at_gmail.com
Blogs and organic groups at http://www.ccie.net

Received on Wed Sep 21 2011 - 21:42:58 ART

This archive was generated by hypermail 2.2.0 : Sat Oct 01 2011 - 07:26:25 ART