Posts

Nat rules change after 8.3 upgrade breaks VPN

Normal Nat statment
access-list nonat extended permit ip
nat (inside) 0 access-list nonat-inside
New nat statment
object network vpnpool
subnet
exit
nat (inside,outside) source static any any destination static vpnpool vpnpool
This NAT rule says to keep the source address for anything coming from the internal interface going to the range designated by the vpnpool object while also keeping the destination address the same.
Seems like a strange way of going about this but this is all i have come across so far. Anyone else has a better way please leave a comment.