Showing results for 
Search instead for 
Did you mean: 

Site to Site B2B VPN

Level 1
Level 1

Having existing B2B VPN tunnels that use a specific range for NAT'ing private IPs.  Have run out of IPs in that subnet so requested an additional subnet from the ISP.  

Here's the conundrum - using both subnets in a tunnel does not work.  Either subnet works fine but when both are in the same tunnel it "breaks".  The original subnet will work but the new one does not.  

I have configured it so both IPs are in a group.  No, these subnets do not overlap.  I'm using Cisco ASA (IKEv1), the other side of the tunnel I'm having issues with is AWS.  This is the first tunnel where both subnets are being used.

Any ideas?

4 Replies 4

back to back VPN in ASA using IKEv1 ?
if that your request I will run lab test something may it solution here 

Thank you for responding.

It's two subnets ( & being used for NAT'ing in the same Site-to-Site VPN tunnel using iKEV1 on a 5525-X ASA

You meaning local lan and remote lan is same?

Where you config NAT here ?

One endpoint of the tunnel is an ASA 5525-X, the other is a client's AWS.  We NAT our private IPs to a public for use in the tunnel.  NATs are done on the ASA.