Problem with overlapping subnets on 2 separate L2L tunnels

martens72
Level 1

Hello,

I am going through an ASA audit, and have found Customer A and Customer B have the same subnet in use. The crypto maps permit correct "interesting" traffic for each L2L (Customer network A is mapped to remote site A and Customer network B is mapped to remote site B), but I have a monitoring subnet in which I would like to monitor the remote ASA and servers on the remote subnet.

I am attaching a diagram to illustrate better. I am not sure if I should be NAT'ing the subnets into the local ASA where the L2L terminates. I don't see how the ASA will know which tunnel to forward monitoring traffic either. If I have to NAT, then my concern would be Customer A being able to use their tunnel to connect to their other 3 tunnels without having to point them at the new NAT block.

Any ideas or thoughts would be appreciated.

1 Reply

You can use NAT to solve your overlapping issue.

Check the following link:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml
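
As an added example (not part of the thread, and not Cisco's code), the audit step described in the question and the NAT approach from the reply can be planned offline: find remote subnets that collide across tunnels, then give each one a unique mapped block of the same size for the monitoring subnet to target. The tunnel names, subnets and the `100.64.0.0/16` pool are constructed sample values; the ASA NAT configuration itself is not shown.

```python
import ipaddress
from itertools import combinations

# Constructed sample data: tunnel name -> remote subnets from its crypto ACL.
TUNNELS = {
    "customer-a": ["192.168.10.0/24"],
    "customer-b": ["192.168.10.0/24", "10.20.0.0/16"],
    "customer-c": ["172.16.5.0/24"],
}
NAT_POOL = "100.64.0.0/16"  # assumed unused block reserved for mapped addresses


def find_overlaps(tunnels):
    """Return (tunnel1, net1, tunnel2, net2) for remote subnets that collide."""
    entries = [(name, ipaddress.ip_network(n))
               for name, nets in tunnels.items() for n in nets]
    return [(t1, n1, t2, n2)
            for (t1, n1), (t2, n2) in combinations(entries, 2)
            if t1 != t2 and n1.overlaps(n2)]


def plan_nat(tunnels, pool):
    """Assign each colliding (tunnel, subnet) its own same-size mapped block."""
    colliding = []
    for t1, n1, t2, n2 in find_overlaps(tunnels):
        for key in ((t1, n1), (t2, n2)):
            if key not in colliding:
                colliding.append(key)
    used = [ipaddress.ip_network(n) for nets in tunnels.values() for n in nets]
    plan = {}
    for tunnel, real in colliding:
        for cand in ipaddress.ip_network(pool).subnets(new_prefix=real.prefixlen):
            if not any(cand.overlaps(u) for u in used):  # stay clear of real nets
                plan[(tunnel, str(real))] = cand
                used.append(cand)
                break
        else:
            raise ValueError("NAT pool exhausted")
    return plan


def translate(real_subnet, mapped, host):
    """1:1 static mapping: keep the host offset, swap the network part."""
    real = ipaddress.ip_network(str(real_subnet))
    offset = int(ipaddress.ip_address(host)) - int(real.network_address)
    return mapped.network_address + offset


if __name__ == "__main__":
    for key, mapped in plan_nat(TUNNELS, NAT_POOL).items():
        print(key, "->", mapped)
```

Only the colliding subnets receive a mapped block, so tunnels whose remote networks are already unique keep their existing addressing.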