Meraki

Community

About SmokinIndo

Re: Meraki to ASA site-to-site setup - what is the purpose of disabling NAT...

by in Security & SD-WAN
‎Aug 24 2020 6:26 AM
‎Aug 24 2020 6:26 AM
Thank you for your response. Shouldn't the NAT exception apply to phase one traffic as well? Our phase one vpn traffic appears to be running fine. It's entering phase 2 that it seems to be having trouble. I'm trying to troubleshoot it as the lifetimes, encryption, and hash all match up. I was wondering if the NAT instruction was causing the issue. ... View more

Meraki to ASA site-to-site setup - what is the purpose of disabling NAT on ...

by in Security & SD-WAN
‎Aug 21 2020 12:34 PM
‎Aug 21 2020 12:34 PM
I'm specifically referring to step 4 in the CLI instructions for setting up the ASA side of a site-to-site tunnel. I would post a link to the official Meraki documentation, but the forum doesn't allow links, so it is what it is. Step 4 of the instructions say:   4.     Exclude the VPN traffic from being natted nat 0 access-list 90    The network we're trying to build a tunnel to uses NAT for all the VMs on our network. Wouldn't disabling NAT make it so that no outside devices are able to communicate with machines on our network?    Why do I want to disable NAT for the access-list that I'm using to set up a tunnel? ... View more
© 2024 Cisco Systems, Inc.