Hello all,
This is my first post on a forum, so bear with me.
Here's my setup.
Site A: 1811 with IPsec VPN to Site B and Site C
inside 192.168.100.0/24
Site B: 1811 with IPsec VPN to Site A
inside 192.168.10.0/24
Site C: 1811 with IPsec VPN to Site A
inside 192.168.10.0/24
Sites B and C do not have connectivity, nor do they need to.
Because Sites B and C have overlapping subnets, I am attempting to NAT the entire inside network of Site C via a NAT pool and route-map.
We are overloading for internet connectivity at each site.
The tunnel between Sites A and C becomes active only when initiated from Site C (where I am NAT'ing the entire inside subnet). I can ping and telnet from Site C to Site A successfully.
However, I cannot ping or telnet from Site A to Site C even after the tunnel is established.
I am using a NAT pool with 'match-host' and a route-map in Site C. I can see the NAT translation table in Site C shows the proper NATs, but only when initiated from Site C. The NAT table is blank when initiating the traffic from Site A.
What am I missing?
Any help is GREATLY appreciated. I've been banging my head against this for the better part of a week. I think I have the configuration correct according to what I've read online.
The ACLs and NO-NAT entries seem to be correct considering I do have connectivity from one side. This seems like a NAT issue whereas the NAT is never created unless the traffic is initiated from Site C where the NAT is configured.
Please let me know if you need additional information or configs.