Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
363
Views
10
Helpful
1
Replies

Configure Double NAT for overlapping remote LAN subnets in VPN tunnel

cybergeek
Level 1
Level 1

‎03-30-2022 03:22 PM - edited ‎03-30-2022 03:40 PM

Hi All

I need some help in configuring the NAT via ASDM, my case is as follows:

I have a requirement where there are multiple subnets with different CIDRs in remote LAN subnets and some of these subnets are already in use by other customers on my end. So i am wondering how we will perform the doublet NAT for these subnets. 

e.g. these are the remote LAN subnets i need to configure in the vpn tunnel

10.1.10.0/24

10.1.11.0/24

10.1.12.0/24

10.1.13.0/24

10.1.14.0/24

10.1.15.0/24

10.1.32.0/19

10.1.64.0/18

10.1.128.0/17

 

Now subnet 10.1.11.0/24, 10.1.12.13, 10.1.32.0/19 are already used by one of my other customers. So i want to know how i will perform the NAT for these overlapping subnet in Cisco ASA. I have picked up some subnets for NAT which are 192.168.60.0/24, 192.168.61.0/24 and 192.168.62.0/24. Also do i need the NAT statement which is automatically generated by ASDM when we choose "NAT exempt" check box. If some can please share the ASDM output how to configure the NAT in this case that will be really helpful. 

Thank you very much in Advance. 

 

 

Labels:
1 Reply 1

cybergeek
Level 1
Level 1

‎03-30-2022 03:31 PM

I am thinking this NAT statement:

nat (Inside,outside) 187 source static 10.1.11.0 192.168.60.0 destination static Customer-Remote-LAN Customer-Remote-LAN 

 

And I will add 192.168.60.0 in Customer-Remote-LAN object group. 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card