cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
186
Views
5
Helpful
1
Replies
amitmarathe
Beginner

Client subnet overlapping through vpn- Destination nat

Hi,

Following is the scenerio:

Company A(172.16.1.0/24) > Company B(192.168.1.1/24)

Company A(172.16.1.0/24) > Company C(192.168.1.1/24

Need to establish VPN between A>B and A>C.

Is the destination nat is possible?

Is any other way to work on this case?

A only.

Note : We need to do changes on Company.

Please revert even though it is not possible. Appreciate your efforts.

1 REPLY 1
auraza
Cisco Employee

If you only need to get from Comp B and C to A, and not between each other, then you would need to NAT on the Company B device, and then encrypt the NAT'd traffic.

access-list BtoA_nat permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0

static (i,o) 192.168.10.0 access-list BtoA_nat

access-list crypto_BtoA permit ip 192.168.10.0 255.255.255.0 172.16.1.0 255.255.255.0

Reference the access-list above in your crypto map.

On site A, your ACL would be:

access-list crypto_AtoB permit ip 172.16.1.0 255.255.255.0 192.168.10.0 255.255.255.0

PS. If this post was helpful, please rate it.

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: ISE Demo (33%)

Content for Community-Ad