Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
216
Views
1
Helpful
1
Replies

FTD NAT SCENARIO

Himanshu_Dwivedi
Level 1
Level 1

‎12-12-2023 07:08 PM

Hello,

Please see below architecture, in which there are 2 FTD(FDM MAnaged) and both have zone_1(outside) and zone_2(inside) zone, both the FTD have default route towards next hope, site to site VPN is configured, and presently there is any any policy applied, everything is working fine, PC-A is ping to PC-B Vice versa. But Customer wants that PC-A IP (172.16.0.2) from SITE-1 should be seen 172.16.1.3 which is the free IP of SITE-2 Network. I have created 1:1 NAT Entry but when I try to Ping the 172.16.1.3 from PC-B it is not pinging. I beileve it will not ping. How to solve this issue.

Himanshu_Dwivedi_3-1702436548558.png

 

Himanshu_Dwivedi_4-1702436767455.png

 

 

 

 

0 Helpful
1 Reply 1

MHM Cisco World
VIP
VIP

‎12-12-2023 07:53 PM

That not work 

If we change PC-A to be in same subnet of PC-B then

When PC-B ping PC-A it will send broadcast ask mac because it assumes it in same subnet

But of PC-A have different subnet the PC-B send to it GW which is FTD and then FTD forward it via vpn.

We use NAT to solve overlapping not to make one.

MHM

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card