cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2284
Views
0
Helpful
4
Replies

asa site to site vpn with overlapping networks

marramix01
Beginner
Beginner

I am trying to set up a site to site tunnel with overlapping networks. The customer has asked if I can use an public ip address (same network as the outside interface of the asa) - I dont want to use a public Ip address for this temporary deployment

I recall setting up a vpn site to site with overlapping networks in past (cant find my documentation)

I think I defined the following:

Natted inside networks to a ip address on the outside interface of the asa using something like 10.30.1.25

Build the tunnel and specify the source address of the tunnel to be 10.30.1.25

Is there anything else to it?

What type of nat would do the trick?

Any help would be greatly appreciated.

Thanks,

maramix01

4 Replies 4

Jouni Forss
Mentor
Mentor

Hi,

Can you reply with the source and destination networks. Or is there perhaps only a certain hosts that need to use the VPN on each end?

Anyway, reply with the real IP addresses/network on both end and I can check the NAT and encryption domain configurations.

What software are you running on the ASA? 8.2? 8.3? 8.4? or perhaps something older?

- Jouni

Inside 10.250.11.10,11, 45<----asa----> outside 167.165.10.1 <-Internet> 155.16.35.1 outiside <-vpn device?> ---10.250.11.0

I am not familiar with their set up, but the only thing I was informed was that 10.250.11 might be used on their  end internally and if I could nat the hosts on inside to an outside IP address.

ASA running 8.0 (4)

Thanks again,

marramix01