Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
435
Views
0
Helpful
2
Replies

VPN NAT question

kareem.afifi
Level 1
Level 1

‎05-22-2013 06:50 AM

Hello,

I'm using a Cisco Concentrator VPN 3030. I have an existing VPN tunnel where i'm making Static NAT entry's for a local IP subnet and only using the NAT'd address for the Local Address list.

The NAT subnet is a /29

Problem is I need to add 2 new Static entry's and i'm basically down to 1 useable IP. In this case can I use the network and Broadcast address if needed? I need to make a change with in the next 24 hours and right now expanding the subnet is just not an option. Was told that because we are NAT'ing over the VPN tunnel we could use the Broadcast NAT address for now.

Can someone validate this?

Thank you                

Labels:
0 Helpful
2 Replies 2

jj27
Spotlight
Spotlight

‎05-22-2013 07:03 AM

As long as you are not routing the subnet as a /29 across the tunnel and you are using the individual IP addresses across the tunnel then you should be able to use the network and broadcast addresses as valid IPs.  Once you try to start routing the subnet as a whole  is where you'd run into issues.

0 Helpful

kareem.afifi
Level 1
Level 1
In response to jj27

‎05-22-2013 07:30 AM

I'm not routing the /29 through my network. But through the tunnel I do have the network list setup as the following

10.1.1.0 0.0.0.7 as part of my network list. I have this on my local list and they have that on thier end as thier remote list.

The only thing i'm doing indivdually is the the Static NAT's. Sounds like I could have an issue with this?

0 Helpful
Customers Also Viewed These Support Documents