cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
238
Views
0
Helpful
2
Replies

NAT traffic heading to VPN

ericwilcoxsg
Beginner
Beginner

I have a conflicting network (192.168.20.x/24) that I need to connect to a peer with the same network on their end.

Our inside IP addresses are in the 10.x.x.x range, as well as some 192.168.x.x addresses. Now here is what I am trying to accomplish - hopefully someone can tell me if it is even possible:

I want to connect to 192.168.206.20, which will then be NAT'd in the firewall to be 192.168.20.20 as the destination IP. Then it will head over the VPN tunnel, where we show as a source IP of a publicly registered IP address (1.2.3.4 for this example).

Hopefully someone can follow my request - Cisco TAC couldn't seem to grasp what I was trying to do.

Thanks in advance!

2 Replies 2

auraza
Cisco Employee
Cisco Employee

This will not work. From what I understand, your source IP is 192.168.206.20, which is NAT'd by the firewal to 192.168.20.20, however, the remote network that you are connecting to is also 192.168.20.20. You can't NAT the 192.168.20.20 once its already been NAT'd, and then put it in the tunnel. If my understanding is not clear, please draw the topology out so its a bit clearer, with IPs, etc.

So what I am looking at is to have the remote end accept traffic from our 192.168.202.x addresses, and then they will translate from that to their real IP addresses?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers