Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
708
Views
0
Helpful
1
Replies

NAT through the IPsec tunnel

fedecotofaja
Level 1
Level 1

‎07-26-2009 03:56 PM - edited ‎02-21-2020 04:17 PM

Hi All,

I need to establish an IPsec Lan-to-LAN tunnel between an ASA and a Cisco router.

I also need to NAT both LANs on both sides when the traffic goes through the tunnel.

I know how to do ''Policy NAT'' on the ASA, so that you can define with an ACL and with a NAT/GlOBAL or STATIC command you can define the policy, and then the CRYPTO ACL defines the traffic from the translated addresses...

My question is on the Router side...

How do I do Policy NAT on the router?

I have tried creating a pool of addresses for the INSIDE LAN but I'm having some problems.

Question:

Can I establish the tunnel from either side (ASA or Router)? I ask this because if there's no translation established, I cannot communicate with the device on the other end...

Whay I want to accomplish is to be able to NAT on both sides (ASA & Routers) and be able to establish the tunnel from either side... Is this possible and how?

Thank you!!

Federico.

Labels:
0 Helpful
1 Reply 1

fedecotofaja
Level 1
Level 1

‎07-27-2009 11:45 AM

Can somebody help me with this?

Basically I need to know how to implement Policy NAT in the Router side to NAT the inside network to another range and know how to be able to establish the IPsec tunnel from either side.

Thank you.

Federico.

0 Helpful
Customers Also Viewed These Support Documents