02-09-2005 01:46 PM - edited 02-21-2020 01:35 PM
Is it possible to create a p2p VPN between to PIXs and use the Outside NAT feature to NAT traffic at the remote site.
Ex:
Site A
10.1.1.x 255.255.255.0 Inside
99.99.99.99 Outside
Site B
99.99.99.98 Outside
10.30.2.x Inside
Can I NAT traffic coming into Site B using the same Network (10.30.2.x)?
02-09-2005 02:03 PM
No you need two diffrent networks on both PIX's inside network, otherwise you cannot route that traffic into the Tunnel.
You can NAT a network comming from the remote VPN site but you need definitly two diffrent network ranges.
sincerely
Patrick
02-10-2005 02:29 AM
Patrick,
I'm sorry to have to correct you but you can have 2 inside networks with overlapping address space communicating over a VPN.
uscsupport,
Providing you have ver 6.2 you can accomplish this. What doesn't look correct to me though are your outside IP addresses at both site A and site B. Why would an ISP supply overlapping Net's to 2 different company's?
If what you are trying to achieve is a S2S VPN and both the sites have the same internal IP addressing schemes, then it is certainly do-able.
Check the following link for a detailed explanation.
02-10-2005 05:41 AM
Upps I missunderstood the question, yeah Steve you are absolutly right it is possible to NAT doublicated Network ranges.
02-14-2005 11:52 AM
02-21-2005 05:42 AM
Hi,
This configuration is not possible with dynamic nat translation, you can try make this with static Nat.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide