Cisco ASA VPN configuration for NAT.

Folks,

We have some existing Juniper firewalls where we are PATting our existing IP address to another RFC1918 IP address while sending the traffic on the tunnel. This is done because the existing networks clash with the other end's internal networks. So what was done was the internal IPs were PATted to a single RFC 1918 IP and traffic sent across the tunnel.

Now we are looking to replace the Juniper box with a Cisco ASA and would like to get a similar configuration done. We also know that this is possible, but can someone point to a few configuration documents where such a configuration has already been done?

 

 

Thanks,

N.

1 Reply

Richard Burts
Hall of Fame

N

 

I have configured site to site VPN on the ASA where we have the requirement to NAT our inside address to a different address as we send it over the VPN. I use the concept of twice NAT on the ASA to achieve it. It would look something like this:

nat (inside,Public2) source static <our_inside_address> <our_mapped_address> destination static <remote_peer_network> <remote_peer_network>

In configuring the access list that identifies traffic for the VPN you use the mapped address rather than the real inside address. Otherwise it is a normal configuration of site to site VPN on ASA and I assume that you are familiar with that.

 

HTH

 

Rick
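
A fuller sketch of the approach in the reply above, added here as an example and not taken from the original posts: it shows the many-to-one PAT form the question asks about (`source dynamic`) with the crypto ACL matching the mapped address. It assumes ASA 8.3 or later NAT syntax; the interface names follow the reply, while every object name, the crypto map name and all addresses are constructed placeholders.

```cisco
! --- Constructed sample values; replace with your own ---
! Real inside network that clashes with the far side
object network LOCAL-REAL
 subnet 10.10.0.0 255.255.0.0
! Single RFC 1918 address the inside hosts are PATted to
object network LOCAL-PAT
 host 172.31.255.1
! Network reachable through the tunnel
object network REMOTE-NET
 subnet 192.168.200.0 255.255.255.0

! Twice NAT: translate the source only when the destination is
! REMOTE-NET; the destination pair is identical, so it is left
! untranslated. "dynamic" gives many-to-one PAT; the "static"
! form in the reply above gives a one-to-one mapping instead.
! The "1" places the rule first in the manual NAT section so a
! general internet PAT rule cannot match this traffic before it.
nat (inside,Public2) 1 source dynamic LOCAL-REAL LOCAL-PAT destination static REMOTE-NET REMOTE-NET

! NAT is applied before the crypto map is evaluated, so the
! interesting-traffic ACL must match the MAPPED source address.
access-list VPN-TO-PEER extended permit ip object LOCAL-PAT object REMOTE-NET

! Only the lines that depend on the NAT design are shown; the
! proposal, tunnel-group and pre-shared key are configured as for
! any other site to site tunnel. 203.0.113.2 is a placeholder peer.
crypto map PUBLIC2-MAP 10 match address VPN-TO-PEER
crypto map PUBLIC2-MAP 10 set peer 203.0.113.2
crypto map PUBLIC2-MAP interface Public2

! --- Checks after applying ---
! Confirm the rule order and hit counts:
!   show nat detail
! Trace a sample flow and confirm the NAT and VPN phases match:
!   packet-tracer input inside tcp 10.10.1.10 12345 192.168.200.10 443 detailed
! The local ident of the SA should be 172.31.255.1, not 10.10.x.x:
!   show crypto ipsec sa
```

With dynamic PAT, sessions can only be initiated from the inside network toward the remote side; if the remote side must open connections to specific inside hosts, those hosts need static mappings as in the reply's example.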
