Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
528
Views
0
Helpful
1
Replies

SOURCE NAT help for L2L VPN?

StevenMiller93376
Level 1
Level 1

‎12-08-2020 03:10 PM

Hey folks,

 

Essentially Vendor A has a tunnel with Customer B (me). However, they really are sending their traffic to partner C through me, and the problem is that Vendor A has a private source IP that is the same as in partner C's network. Partner C refuses to NAT anything, so I need to do it myself.

 

This has to be common but I cannot figure it out. The tunnels are up. The normal config for tunnels to work is there, but now I need this additional NAT statement and perhaps ACL rule and I am struggling.

 

Vendor A's private source is 172.16.1.1 and I need to translate it into 10.1.1.1 before it reaches the destination of 192.168.1.1, otherwise it won't come back to my firewall.

 

The VPN is already up and 172.16.1.1 is allowed to talk to 10.10.10.10 and there is the appropriate ACL and no nat for this. I only want 172.16.1.1 translated to a source of 10.1.1.1 if it is going to 192.168.1.1

0 Helpful
1 Reply 1

MHM Cisco World
VIP
VIP

‎12-08-2020 06:41 PM

I think site c is hub and site a and b is spoke,

The traffic go from site a to site b through site c?

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents