We are looking to use the CSR1000V for multiple clients using IPSEC tunnels into our AWS Environment so we can manage 1000's of client end devices. To support this we wanted to setup NAT but were unsure on the best method being used by most organisations today.
How are others doing NAT on these CSR1000V devices, is there any automated method that is suggested for NAT solutions with clients devices or is it more a manual process.
The CSR's are for Point to Point VPN. (Essentially we will have 10-15 client Point to Point VPN's) and we will be supporting their client end devices via monitoring. Due to possible overlapping IP's we are investigating what the best possible NAT solution would be.
We do most of our automation with Ansible, works reasonably well, have had a play with the API module but looks like a lot of work to implement hopefully someone will write a terraform module for it in the future.