cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

299
Views
0
Helpful
0
Replies
Highlighted
Beginner

Nat inside site to site VPN.

Hello, everyone!

I got a problem. I have to setup NAT between 2 subnets which are connected by cisco 1841 site-to-site VPN . I have already set up site-to-site VPN tunnel. it works properly.

For example

My network 192.168.1.0/24

Remote network 192.168.2.0/24

I should to set up:

If i connect to address 192.168.2.10 from network 192.168.1.0/24. the network should be hiden behind address 192.168.1.100

If i connect to address 192.168.2.20 from network 192.168.1.0/24. the network should be hiden behind address 192.168.1.200

If i connect to address 192.168.2.30 from network 192.168.1.0/24. the network should be hiden behind address 192.168.1.250

 

it is a part of config:

----

ip nat pool POOL1 192.168.1.100 192.168.1.100 netmask 255.255.255.252

ip nat pool POOL2 192.168.1.200 192.168.1.200 netmask 255.255.255.252

ip nat pool POOL3 192.168.1.250 192.168.1.250 netmask 255.255.255.252

 

ip nat inside source list NAT1 pool POOL1 overload

ip nat inside source list NAT2 pool POOL2 overload

ip nat inside source list NAT3 pool POOL3 overload

 

ip access-list extended NAT1

permit ip 192.168.1.0 0.0.0.255 host 192.168.2.10

 

ip access-list extended NAT2

permit ip 192.168.1.0 0.0.0.255 host 192.168.2.20

 

ip access-list extended NAT3

permit ip 192.168.1.0 0.0.0.255 host 192.168.2.30

----

Only this nat "ip nat inside source list NAT3 pool POOL3 overload" works. I can see "ip nat translations"

The other rules of nat doesn't work. It look like packages don't go to the VPN tunnel. 


Sorry for my english and thanks in advance for answering.

 

 

Everyone's tags (2)
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards