Solved: s2s VPN with translated NAT - Same networking range

mthomaz · ‎02-26-2018

Hi,

I have got two different sites, where each site has its own Cisco ASA 5510.

The network looks like this:

Site-A

Outside: 1.1.1.1

DMZ: 192.168.1.0/24

Inside: 192.168.2.0/24

Host: 192.168.1.8

Site-B

Outside: 2.2.2.2

DMZ: 192.168.1.0/24

Inside: 192.168.2.0/24

Host: 192.168.2.9

I need to access from Site-A 192.168.1.8 the 192.168.2.9 server on Site-B.

site-a:192.168.1.8 ------> site-b:192.168.2.9

So, every time the 192.168.1.8 host on site-A tries to connect to 192.168.2.9, the ASA should send it to the VPN instead of the inside network.

But as you can see, both sites share the same networks....

What would be the best solution here? I can setup a VPN between those 2 ASAs but I would need a NAT TRANSLATED?

Could you please help with the steps and NAT statement?

Cheers!

Francesco Molino · ‎02-26-2018

Hi

As you've overlapping subnets, you'll need to Nat the source and destination address.

This has been discussed multiple times on the forum.

Take a look on this Cisco documentation that shows some config for the same specific case:

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Francesco Molino · ‎02-26-2018

Hi

As you've overlapping subnets, you'll need to Nat the source and destination address.

This has been discussed multiple times on the forum.

Take a look on this Cisco documentation that shows some config for the same specific case:

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question