03-13-2008 11:27 PM
I'm trying to create a LAN-to-LAN VPN tunnel between our Headquarters and a branch office. We have a same IP network for both the Head quaters and the branch office. The tunnel is not coming and it's showing There are no isakmp sas. What am I missing out? Do I have to use different IP networks at the Branch office to the IP Network at the Headquarters.
03-14-2008 05:13 AM
You can use the same ip network but it complicates things, you would need to apply double NAT (i.e. translate both source and destination addresses).
Personally I would recommend to use different IP ranges if at all possible, it will make life so much easier.
03-14-2008 06:57 PM
If I have to use different IP Network for the branch offices, will this option make it possible for our servers, e.g DNS servers to talk to the DNS servers at our head quarters?
03-15-2008 02:55 PM
please see the link this is tell you how to confiugre the vpn with overlaping IP addresss
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml
03-16-2008 12:32 AM
Thanks for the reply.
Would you have something similar to configuring vpn with overlaping IP address between ASA5510 v7.0 and PIX 515E ver 6.4
03-14-2008 08:04 PM
Hi
pls help me as now I'm really confused how I should apply double NAT. I have a diagram attached here for my kind of setup.
I do appreciate your help.
03-14-2008 08:06 PM
03-16-2008 04:50 PM
pls help me with my query. I have the diagram attached.
03-17-2008 10:27 AM
Hi,
1. As your Firewall/ASA outside interface showing pvt. IP (from diagram) are you using NAT on the rtr connecting outside of the ASA..?
2. You are using Pvt. IP scheme, but Iam not what exactly you mean by same IP address space on bth ends.
3. If you clearly explain exact scenarios and post the clean configs of ASA, someone will definitely be able to help you.
hth
MS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide