
Overlapping Site-2-Site VPN PIX 515e

imran.net
Level 1

We have a site-to-site VPN with our client based in Dubai. Unfortunately, we are having an overlapping issue between the link.

The client IP pool, i.e. 172.16.10.0/24, is the same as the DMZ pool we assigned. It is not possible for the client to change their network, nor is it possible for us.

Is there any way I could enable src NAT on the inbound traffic after it exits the VPN tunnel on our PIX? Can anyone suggest a better way, please?

1 Reply

kamal-learn
Level 4

Hi,

In situations where you have overlapping networks, I think the best way to go is to use NAT in both directions, I mean:

ip nat inside source list XX pool out-pool

ip nat outside source list XX pool in-pool

where XX is an access-list that allows the common addressing space in both networks:

access-list xxx permit ip 172.16.10.0 0.0.0.255 (if the common addressing space is 172.16.10.0/24)

out-pool is a pool for your outbound traffic going to the other network

in-pool is another pool for your inbound traffic, that is, traffic coming from the other network towards your network.

HTH

Please do rate if it does help
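
The two-way translation described in the reply above, modelled as an added Python example that is not part of the original thread and is not device configuration. It uses a static one-to-one mapping that preserves host bits rather than dynamic pool allocation; the two pool ranges (192.168.110.0/24 and 192.168.210.0/24) and all function names are assumptions chosen for illustration.

```python
import ipaddress

# 172.16.10.0/24 is from the post; both pool ranges are constructed assumptions.
OVERLAP = ipaddress.ip_network("172.16.10.0/24")     # used by both sites
OUT_POOL = ipaddress.ip_network("192.168.110.0/24")  # how our DMZ appears to the client
IN_POOL = ipaddress.ip_network("192.168.210.0/24")   # how the client appears to us


def remap(addr, src_net, dst_net):
    """Map addr from src_net into dst_net, preserving host bits (1:1 NAT)."""
    addr = ipaddress.ip_address(addr)
    if addr not in src_net:
        return addr  # outside the translated space: leave untouched
    offset = int(addr) - int(src_net.network_address)
    return ipaddress.ip_address(int(dst_net.network_address) + offset)


def check_plan():
    """Reject a plan whose pools collide with each other or with the overlap."""
    nets = [OVERLAP, OUT_POOL, IN_POOL]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} overlaps {b}")
    if not (OVERLAP.prefixlen == OUT_POOL.prefixlen == IN_POOL.prefixlen):
        raise ValueError("1:1 mapping needs equal prefix lengths")
    return True


def outbound(src, dst):
    """Our host -> client. Our host reaches the client via its IN_POOL alias."""
    return (str(remap(src, OVERLAP, OUT_POOL)),  # inside source translation
            str(remap(dst, IN_POOL, OVERLAP)))   # alias back to the real address


def inbound(src, dst):
    """Client -> our host, after the packet leaves the tunnel on our side."""
    return (str(remap(src, OVERLAP, IN_POOL)),   # outside source translation
            str(remap(dst, OUT_POOL, OVERLAP)))  # alias back to the real address


if __name__ == "__main__":
    check_plan()
    # Both hosts are really 172.16.10.x; neither sees the other's real address.
    print(outbound("172.16.10.5", "192.168.210.20"))
    print(inbound("172.16.10.20", "192.168.110.5"))
```

With this plan, the traffic carried in the tunnel is between the out-pool range and the client's real 172.16.10.0/24, so the tunnel's traffic selectors have to match the translated addresses.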
