Cisco Community
English
Register
Their endless contributions help thousands around the globe. Meet the new Cisco VIP 2022 Class! LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
208
Views
0
Helpful
2
Replies
ericwilcoxsg
Beginner
Beginner
‎06-24-2009 10:08 AM
‎06-24-2009 10:08 AM

NAT traffic heading to VPN

I have a conflicting network (192.168.20.x/24) that I need to connect to a peer with the same network on their end.

Our inside IP addresses are in the 10.x.x.x range, as well as some 192.168.x.x addresses. Now here is what I am trying to accomplish - hopefully someone can tell me if it is even possible:

I want to connect to 192.168.206.20, which will then be NAT'd in the firewall to be 192.168.20.20 as the destination IP. Then it will head over the VPN tunnel, where we show as a source IP of a publicly registered IP address (1.2.3.4 for this example).

Hopefully someone can follow my request - Cisco TAC couldn't seem to grasp what I was trying to do.

Thanks in advance!

Labels:
0 Helpful
2 REPLIES 2
auraza
Cisco Employee
Cisco Employee
‎06-25-2009 09:52 AM
‎06-25-2009 09:52 AM

This will not work. From what I understand, your source IP is 192.168.206.20, which is NAT'd by the firewal to 192.168.20.20, however, the remote network that you are connecting to is also 192.168.20.20. You can't NAT the 192.168.20.20 once its already been NAT'd, and then put it in the tunnel. If my understanding is not clear, please draw the topology out so its a bit clearer, with IPs, etc.

0 Helpful
ericwilcoxsg
Beginner
Beginner
In response to auraza
‎06-25-2009 10:31 AM
‎06-25-2009 10:31 AM

So what I am looking at is to have the remote end accept traffic from our 192.168.202.x addresses, and then they will translate from that to their real IP addresses?

0 Helpful
Latest Contents
Meet Cisco Secure X- CL event video
Created by Cisco Moderador on 01-21-2022 09:44 AM
0
0
0
0
Community Live Event Video Are you ready to level up your security? Learn more about how Cisco SecureX can help you simplify your security and maximize operational efficiency. This event talks about Cisco SecureX, its benefits, features, and usage. Th... view more
ASA new NAT commands are horrible.
Created by Frank27 on 01-19-2022 10:54 PM
1
10
1
10
Hi all,I cannot understand why is something working very well they create a way to complicate things in Cisco ASA OS. I have a rule :object network LOCAL_ADRESS1 host 192.168.20.12 nat (VLAN20,outside) source static LOCAL_ADRESS1 interface&... view more
Voting period open for the 2021 IT Blog Awards, hosted by Ci...
Created by Amilee San Juan on 01-19-2022 02:45 PM
0
5
0
5
It is our pleasure to officially announce the finalists in the 2021 IT Blog Awards. We are now looking to our amazing tech community to check out the amazing line up of bloggers, vloggers and podcasters. Make sure to vote for your favorites... view more
Meet Cisco Secure X- CL event slides
Created by Cisco Moderador on 01-18-2022 11:18 AM
0
10
0
10
Community Live Event Slides This event talks about Cisco SecureX, its benefits, features, and usage. The session includes sample use cases and live demonstrations. Cisco expert Luis Silva talks about how this solution can integrate Cisco technology and ... view more
Cisco ISE Posture Assessment with Aruba Wireless AP
Created by Mitesh Manwatkar on 01-15-2022 12:46 AM
0
5
0
5
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4.... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad