03-10-2021 05:46 PM
I have an ASA 5508-x and I've got a vendor who wants to create a site to site vpn between us and their ASA.
They would like to give me a /28 subnet of private IPs to use to avoid overlapping on their network and then they want me to nat those to my assigned private IPs of the servers they need to talk to.
What is the best way to do that? Would I create a network object for each server with it's assigned IP. Create the site to site vpn tunnel with their /28 range, then I'm confused on how I would Nat a private subnet to another private subnet or how I can do this.
Any suggestions would be great, I typically use the ASDM but can probably figure it out if someone has an example on the cmd.
Thank you!
Solved! Go to Solution.
03-11-2021 12:58 PM
Dear,
you should create the VPN tunnel using the NAT subnet and on the NAT rule create a new policy for natting your subnet with the new NAT subnet when your destination is the remote network behind the VPN tunnel.
03-11-2021 12:58 PM
Dear,
you should create the VPN tunnel using the NAT subnet and on the NAT rule create a new policy for natting your subnet with the new NAT subnet when your destination is the remote network behind the VPN tunnel.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide