Cisco Community
English
Register
Cisco Community will be under MAINTENANCE Nov 18 from 12 AM to 1 PM EST to migrate and welcome Cisco Private Communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

386
Views
0
Helpful
2
Replies
Highlighted
rickmccl
rickmccl Beginner
Beginner
‎02-05-2013 12:36 PM
‎02-05-2013 12:36 PM

Multiple L2L VPN with overlapping remote network ranges?

I have an ASA5510, and site-to-site VPN with several remote clients. I have to add another client but their network range overlaps an existing tunnel. Both are using 172.16.0.0/16. I would like to 1-to-1 NAT them as 172.17.0.0/16.

Is it possible to perform the NAT on my device, post-decryption, or is it necessary that I have them perform the NAT at their end?

thanks,

Rick

Labels:
Everyone's tags (5)
0 Helpful
Reply
2 REPLIES 2
rais
rais Frequent Contributor
Frequent Contributor
‎02-05-2013 12:52 PM
‎02-05-2013 12:52 PM

Multiple L2L VPN with overlapping remote network ranges?

NAT happens on Cisco post-decryption. Here is a link.

HTH.

0 Helpful
Reply
rickmccl
rickmccl Beginner
Beginner
‎02-05-2013 12:55 PM
‎02-05-2013 12:55 PM

Re: Multiple L2L VPN with overlapping remote network ranges?

That sounds like a No -- as it seems to lead to having 172.16/16 in SA's on two tunnels, which I'm much more confident in saying it won't work.

Policy based nat seems to revolve around IP addressing, and is not able to attach a NAT policy to a tunnel group.

0 Helpful
Reply
Latest Contents
Cisco 2509-RJ terminal server freezes during startup
Created by hugosilva624511431 on 11-13-2019 08:57 AM
1
0
1
0
Cisco 2509-RJ freezes during start-up I bought some Cisco 2509-RJ terminal server to work on my labs and was working fine. Today I turned it on and half way through starting up it seems to freeze. I can only find one instance of this happing to ... view more
Cisco Digital Network Architecture Center Modules (Design M...
Created by Mohamed Alhenawy on 11-10-2019 10:24 AM
0
0
0
0
Cisco Digital Network Architecture Center Modules(Design Module)Part.2In this article, we are going to talk about the Cisco Digital Network Architecture Center design Module. Cisco DNA Center gives us the flexibility and availability to con... view more
Network Automation Solution : How to save configuration file...
Created by KrishnaTiwari8030 on 11-03-2019 04:15 AM
0
0
0
0
import netmikofrom netmiko import ConnectHandlerdevice = ConnectHandler(device_type="cisco_ios", ip="DEVICE IP", username="USERNAME", password="PASSWORD")output1 = device.send_command("show running-config")save_file = open("Switch_running.txt","w")save_fi... view more
ENCS Design and Deployment Best Practice
Created by kramesh on 11-02-2019 04:17 PM
0
0
0
0
Connectivity Design considerations and recommendation 1.Management Access connectivity If there is a dedicated OOB management path, consider connecting to CIMC and MGMT port. If OOB path is not available, Connect the dedicated Management port to LAN Swi... view more
Cisco Digital Network Architecture Center Modules (Design Mo...
Created by Mohamed Alhenawy on 11-02-2019 10:30 AM
0
0
0
0
Cisco Digital Network Architecture Center Modules In this article, we are going to talk about Cisco Digital Network Architecture Center design Module. Cisco DNA Center gives us the flexibility and scalability to configure multiple fabric sites a... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
August's Community Spotlight Awards