05-28-2012 09:55 AM - edited 03-07-2019 06:56 AM
Hello,
I have to connect two sites using VPN Tunnel. For that I have on one side a RV042 router and on the other side a CISCO 861. In addition to the VPN connection, I have also to translate IP addresses from one site.
On site A:
LAN: 192.168.10.0 /24
On site B
LAN 10.1.10.0/24
For the site B the LAN of site A must be 10.1.20.0/24. But I cannot change computer IP. So I need to translate (NAT) site A LAN from 192.168.10.0 to 10.1.20.0 network.
It seems that the RV042 router cannot NAT lan through VPN. Based on equipment feature I buy a CISCO 861 router. But I don’t found how to configure the inside LAN to LAN nat.
Thank you for your help.
Regards.
05-28-2012 11:01 AM
Hi,
To translate 192.168.10.0/24 to 10.1.20.0/24 the following configuration can help.
Site A
int fa0/0
ip nat inside
int ser0/0
ip nat outside
access-list 111 permit ip 192.168.10.0 0.0.0.255 any
ip nat pool TRANSLATION 10.1.20.1 10.1.20.254 netmask 255.255.255.0
ip nat inside source list 111 pool TRANSLATION
Verfication:
Show ip nat translation
Show ip nat statistics
05-28-2012 12:01 PM
Hi Laurent,
What you need is policy based static-nat which will carry your natted subnet over IPSec tunnel.
Please follow the link, which explians step by step method of setting static-nat for IPsec tunnel.
http://www.booches.nl/2009/01/policy-nat-on-cisco-router/
Hope that helps.
thanks
Rizwan Rafeek
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide