complicated vpn

briandudley1 · ‎10-11-2011

I am trying to connect together 2 medium - large networks using a nat'd vpn connection. Both networks have several hundred subnets with numerous overlapping subnets. One of the subnets on my end includes a connection to an AS400 on a private network behind another firewall. I am including a picture because it can describe it better. Sorry for the crude drawing

From the Remote network, I can successfully connect to a device on our local network using a nat translation of 10.16.0.5 > 10.1.1.5 on our local ASA. I am not able to connect to to the AS400 at the end of the line from the remote network. I can connect to it from our local network with no problem. The AS400 is behind a private firewall and I do not have access to make any changes beyond router 3. The Nat translate statements on Router 3 are required by something on the AS400 side, but again it is out of my control and I have no idea what it is. I cannot connect directly to the

firewall behind router 3.

I have had Cisco Tech support working on this for 3 days now with no resolution in sight. Please help if you can. I need ideas on why this wont work and hwo to fix it.

Thank you.

andrew.prince · ‎10-12-2011

For me the first thing that I would create and test a translation on R1 from 192.168.90.150 to an address from the Local Network - as IP's from the local network are able to access the AS400!

briandudley1 · ‎10-13-2011

I was able to figure it out. The Router 3 had an access list on it that did not allow anything except 10.0.0.0/8.

Thank you for the response.

andrew.prince · ‎10-13-2011

Excellent - thanks for posting on the thread.