Hello Everyone,

I am working in one of the financial institute and we in process of implementing our bank ATM. Our ATM Switch is located at Nepal. Now to make our ATM functional, i was instructed to create a VPN tunnel where our bank ATM machine can talk with ATM switch.

ATM Switch company at Nepal they are using Forgigate as gateway and we are using ASA Firewall. They have asked using to use the IP Block 192.168.2.0/24 block for All ATM Machines. That means when our ATM Machine talks with their ATM Switch the request should reached there with the IP 192.168.2.X which will understand by their gateway and allow.

Our Bank ATM Machine will be located in Head Office and Branch Office. Head Office network as a IP Block of 192.168.1.0/24, 192.168.3.0/24... and so on. I have kept IP Block 192.168.3.0/24 for ATM Machines.

In Branch Office the IP block is 173.16.X.X/24 which passes through Branch VPN Router via ISP to our Head Office VPN Router and then to Internal LAN.

Their ATM Switch IP Block is 192.168.218.0/24 which our gateway should understand.

We have lots of discussion with the ATM Switch vendor about this network issue and could not resolve since their equipments are different then our bank.

Now in order to make this network functional i need some configuration advice. The Network should flow in this manner:

Head Office

ATM Switch Hos --> ATM Gateway -->Internet Cloud--->Bank Router --->ASA Firewall--->Layer Switch-->Distribution Switch --->Access Switch --->ATM Machine (Vice Versa)

Branch Office

ATM Switch Hos --> ATM Gateway -->Internet Cloud--->Bank Router --->ASA Firewall--->HO VPN Router-->VPN Cloud --->Branch VPN Router --->Branch ATM Machine (Vice Versa)

This is the simple network flow which i have mentioned.

Therefore i would like to request all experts in this forum to give me some feedback, how will go for configuration.

Thanks,

TashiBDFCL