cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
59
Views
0
Helpful
1
Replies
Beginner

CISCO ASA VPN and NAT

Hi I have a company that want to use a site-site VPN.

(IP addresses made up for example)

Public IP 91.91.75.101

They do not want us to directly access the internal network and  are using two Nat addresses to internal servers. 

91.91.75.110

91.91.75.112

Although the ip addresses above are available publicly,  want all traffic between us and them to go via a VPN.

I have never done this type of VPN before and only normally create these using the ADSM. 

Can anyone help point me in the correct direction. 

Thanks

Mark

1 REPLY 1
Highlighted
VIP Mentor

when sending traffic to your

when sending traffic to your peer, NAT is done before encryption. That means that you have to:

  1. Build a NAT-rule for that server
  2. include the translated IP into your interesting traffic for the VPN that is gets encrypted.