Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
0
Helpful
1
Replies

VPN L2L Source NAT- Design.

Shane Tominey
Level 1
Level 1

‎01-11-2012 06:30 PM

Hi All,

Faily new to configuring VPN and I have been asked to put a design together, so calling all those security gurus.

To give a 10,000 foot view to the issue Ive have been handed.

We have had a merger between us (Company A) and another company (Company B).

In Company A we are utilising Class A 10.0.0.0/8 addressing. The company which we have merged with (Company B) have an address range of 10.128.0.0/9 and 10.96.0.0/11.

Obviously we have conflicts here, so I have been looking at VPN solution with source NAT at either end but I have been scratching my head as to what the best design would look like.

I have been informed that 2 way communication would be preferred

Does anyone have any ideas on a design which could be utilised in this situation?

Any help would be appreciated.

Thanks again.

Labels:
0 Helpful
1 Reply 1

andrew.prince
Level 10
Level 10

‎01-12-2012 12:09 AM

Quick question out of the 10/8 are you using all of the 16 million addresses??. If not - you need to work out how many subnets you are using, you know how many they are using ... 1 /9 and 1/11 looks like the other company implemented a planned ip subnet design.

Then I think the easiest thing you should do is nat on a summary boundary.

Jmtpw

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents