Nat rules change after 8.3 upgrade breaks VPN

Normal Nat statment

access-list nonat extended permit ip
nat (inside) 0 access-list nonat-inside

New nat statment

object network vpnpool

nat (inside,outside) source static any any destination static vpnpool vpnpool

This NAT rule says to keep the source address for anything coming from the internal interface going to the range designated by the vpnpool object while also keeping the destination address the same.

Seems like a strange way of going about this but this is all i have come across so far. Anyone else has a better way please leave a comment.


Jeremy Whittaker is a Senior Consultant for N2 Network Solutions, a leader in Arizona computer consulting. Specializing in Exchange 2010, Cisco networking, and IT outsourcing.

Posted in networking Tagged with: , , , , , ,

Leave a Reply