04-12-2023 06:42 AM
We have existing B2B VPN tunnels that use a specific range for NAT'ing private IPs. We have run out of IPs in that subnet, so we requested an additional subnet from the ISP.
Here's the conundrum - using both subnets in a tunnel does not work. Either subnet works fine but when both are in the same tunnel it "breaks". The original subnet will work but the new one does not.
I have configured it so both IPs are in a group. No, these subnets do not overlap. I'm using Cisco ASA (IKEv1), the other side of the tunnel I'm having issues with is AWS. This is the first tunnel where both subnets are being used.
Any ideas?
04-12-2023 07:04 AM
Back-to-back VPN on ASA using IKEv1?
If that is your request, I will run a lab test; it may give a solution here.
04-17-2023 07:58 AM
Thank you for responding.
It's two subnets (192.58.245.64/27 & 192.58.202.16/28) being used for NAT'ing in the same Site-to-Site VPN tunnel using IKEv1 on a 5525-X ASA.
04-17-2023 08:11 AM
You mean the local LAN and remote LAN are the same?
Where do you configure NAT here?
04-17-2023 08:14 AM
One endpoint of the tunnel is an ASA 5525-X, the other is a client's AWS. We NAT our private IPs to a public for use in the tunnel. NATs are done on the ASA.