
Multiple IPSec VPNs with multiple overlapping Subnets

Dear Cisco Community,

I am looking for a way to connect a subnet on my site to subnets of several clients via VPN using an IOS router.

Several clients have an overlapping IP space. The clients must not connect to each other.

[MY NET 192.168.255.0/24] ---> [my IOS Router] --VPN--->[Client 1 Router] --> local Subnet [10.0.0.0/8]

[MY NET 192.168.255.0/24] ---> [my IOS Router] --VPN--->[Client 2 Router] --> local Subnet [10.0.0.0/8]

[MY NET 192.168.255.0/24] ---> [my IOS Router] --VPN--->[Client 3 Router] --> local Subnet [10.0.0.0/8]

The goal is to reach the specific subnets by NAT:

[MY NET 192.168.255.0/24, dest. 10.0.0.0/8] ---> [my IOS Router] --VPN--->[Client 1 Router] --> local Subnet [10.0.0.0/8]

[MY NET 192.168.255.0/24, dest. 20.0.0.0/8] ---> [my IOS Router, dest NAT to 10.0.0.0/8] --VPN--->[Client 2 Router] --> local Subnet [10.0.0.0/8]

[MY NET 192.168.255.0/24, dest. 30.0.0.0/8] ---> [my IOS Router, dest NAT to 10.0.0.0/8] --VPN--->[Client 3 Router] --> local Subnet [10.0.0.0/8]

I think this can be done with NAT but unfortunately the translation is done before the router looks into the specific crypto map ACL to decide in which tunnel the traffic should flow. I need to map the NAT rules to the tunnels somehow... I hope you understand what I mean.

Is there any way to achieve this goal?

Thanks in advance,

Alexanader Fischer
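A small Python model of the ordering problem described in the post, added here as an illustration and not code from the poster or from Cisco. It assumes, as the post states, that destination NAT runs before a first-match crypto map ACL lookup; the function names and sample addresses are constructed.

```python
import ipaddress as ip

MY_NET = ip.ip_network("192.168.255.0/24")
CLIENT_LAN = ip.ip_network("10.0.0.0/8")

# Destination NAT from the post: alias prefix -> the real (overlapping) client prefix.
DEST_NAT = {ip.ip_network("20.0.0.0/8"): CLIENT_LAN,
            ip.ip_network("30.0.0.0/8"): CLIENT_LAN}

# Crypto map entries in sequence order: (peer, ACL source, ACL destination).
# After NAT all three ACLs are identical, which is the root of the problem.
CRYPTO_MAP = [("client1", MY_NET, CLIENT_LAN),
              ("client2", MY_NET, CLIENT_LAN),
              ("client3", MY_NET, CLIENT_LAN)]

# The behaviour the post asks for: tunnel choice bound to the pre-NAT alias prefix.
ALIAS_TO_PEER = {ip.ip_network("10.0.0.0/8"): "client1",
                 ip.ip_network("20.0.0.0/8"): "client2",
                 ip.ip_network("30.0.0.0/8"): "client3"}

def translate(dst):
    """Rewrite the alias prefix to the real prefix, keeping the host bits."""
    for alias, real in DEST_NAT.items():
        if dst in alias:
            offset = int(dst) - int(alias.network_address)
            return ip.ip_address(int(real.network_address) + offset)
    return dst

def nat_then_crypto(src, dst):
    """Order described in the post: translate first, then first-match on the ACLs."""
    src, dst = ip.ip_address(src), translate(ip.ip_address(dst))
    for peer, acl_src, acl_dst in CRYPTO_MAP:
        if src in acl_src and dst in acl_dst:
            return peer, str(dst)
    return None, str(dst)

def alias_bound(src, dst):
    """Desired order: pick the tunnel from the untranslated destination, then NAT."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    if src in MY_NET:
        for alias, peer in ALIAS_TO_PEER.items():
            if dst in alias:
                return peer, str(translate(dst))
    return None, str(dst)

if __name__ == "__main__":
    for d in ("10.1.2.3", "20.1.2.3", "30.1.2.3"):
        print(d, nat_then_crypto("192.168.255.10", d), alias_bound("192.168.255.10", d))
```

In the first function every destination lands in the Client 1 tunnel, so traffic meant for Client 2 or 3 would be delivered to the wrong customer; that is the isolation failure the requirement "clients must not connect to each other" has to rule out.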
