Showing results for 
Search instead for 
Did you mean: 

NAT traffic heading to VPN


I have a conflicting network (192.168.20.x/24) that I need to connect to a peer with the same network on their end.

Our inside IP addresses are in the 10.x.x.x range, as well as some 192.168.x.x addresses. Now here is what I am trying to accomplish - hopefully someone can tell me if it is even possible:

I want to connect to, which will then be NAT'd in the firewall to be as the destination IP. Then it will head over the VPN tunnel, where we show as a source IP of a publicly registered IP address ( for this example).

Hopefully someone can follow my request - Cisco TAC couldn't seem to grasp what I was trying to do.

Thanks in advance!

2 Replies 2

Cisco Employee
Cisco Employee

This will not work. From what I understand, your source IP is, which is NAT'd by the firewal to, however, the remote network that you are connecting to is also You can't NAT the once its already been NAT'd, and then put it in the tunnel. If my understanding is not clear, please draw the topology out so its a bit clearer, with IPs, etc.

So what I am looking at is to have the remote end accept traffic from our 192.168.202.x addresses, and then they will translate from that to their real IP addresses?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers