RE: Pix vpns nat

[Javier Sanchez <jsanchez () myalert com>]

Thanks,

i was a little confused with the nat 0 access-list, but then i realized 
that i should use the vpn match option to select trafic interesting for
it. Everything is working now, thanks all .-))


Cheers

On Thu, 2004-01-22 at 04:02, Joshua Vince wrote:
> Here's what I do:
>
> create a separate access-list for each set of vpn interesting traffic
> used in the crypto map.
>
> create a "nonat" access-list that includes all the lines from all of the
> above access lists and use it for your "nat (inside) 0 access-list
> nonat" command.
>
> HTH.
>
> Josh 
>
> -----Original Message-----
> From: firewall-wizards-admin () honor icsalabs com
> [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Javier
> Sanchez
> Sent: Wednesday, January 21, 2004 5:44 AM
> To: firewall-wizards () honor icsalabs com
> Subject: [fw-wiz] Pix vpns nat
>
>
>
> Hi all again,
>
> i have allready figure out how to create several vpns, but now im facing
> another problem. I need obviously different access lists for each vpn,
> but if i try to create a new "nat (inside) o access-list X" the actual
> entry on the config got replaced with the new one. Do you know how to
> create several ?? Should i include the new access-list into the existig
> one ??
>
>
> Tia
> Cheers
>
> Javier Sanchez
> Jsanchez () myalert com
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- 

------------------------------
Javier Sanchez
System Administrator
MyAlert.com
a Buongiorno Vitaminic Company
jsanchez () myalert com
Telf: +34 91 141 51 00
FAX. +34 91 667 39 51
-------------------------------

Attachment: signature.asc
Description: This is a digitally signed message part