Table of Contents
Advertisement
Chapter 8
Site-to-Site VPN
SDM Warning: NAT Rules with ACL
Original Address
Translated Address
Rule Type
To make the listed NAT rules use route maps:
How Do I...
OL-4015-08
may be used on the remote router, but the policies and transform sets may be
different. If the text file is simply copied into the remote configuration file,
configuration errors are likely to result.
This window appears when you are configuring a VPN using interfaces with
associated NAT rules that use Access rules. This type of NAT rule can change IP
addresses in packets before the packets leave or enter the LAN, and a NAT rule
will prevent VPN connections from functioning properly if it changes source IP
addresses so that they don't match the IPSec rule configured for the VPN. To
prevent this from happening, SDM can convert these to NAT rules that use route
maps. Route maps specify subnets that should not be translated.
The window shows the NAT rules that have to be changed to ensure the VPN
connection functions properly.
The IP address that NAT will translate.
The IP address that NAT will substitute for the original address.
The type of NAT rule, either Static or Dynamic.
Click OK.
This section contains procedures for tasks that the wizard does not help you
complete.
Cisco Router and Security Device Manager Version 2.2 User's Guide
How Do I...
8-67
Advertisement
Table of Contents
Troubleshooting
