Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
5
Helpful
2
Replies

VPN NAT question

burleyman
Level 11
Level 11

‎03-09-2015 01:11 PM

I am looking for confirmation if this is possible or not.

I am being asked to configure an ASA 8.2 to NAT in the following way.

 

Local LAN - 10.30.1.0/24

Remote LAN - 172.31.255.128/25

Remote NAT - 172.31.17.0/24

 

I am being asked to set up NAT when going to the Remote LAN 172.31.255.128/25 to NAT the 10.30.1.0/24 to 172.31.17.0/24 but make it so the following happens......

NAT 10.30.1.10 to 172.31.17.10

NAT 10.30.1.200 to 172.31.17.200

so the last octet is preserved.

I do not think there is way to do this....or is there?

 

Here is what I have now...and it just picks a random IP to NAT to

global (outside) 11 172.31.17.1-172.31.17.254 netmask 255.255.255.0

nat (inside) 11 access-list CRYPTOMAP-11

access-list CRYPTOMAP-11 extended permit ip 10.30.1.0 255.255.255.0 172.31.255.128 255.255.255.128

 

 

Thanks,

Mike
 

Labels:
0 Helpful
2 Replies 2

Marius Gunnerud
VIP Alumni
VIP Alumni

‎03-09-2015 01:39 PM

You can't do what you want with one NAT statement.  You would need to create a seperate policy NAT statement for each translation and to be perfectly honost that would be more of a hastle than what it is worth.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

burleyman
Level 11
Level 11
In response to Marius Gunnerud

‎03-09-2015 01:42 PM

That is what I thought but I wanted to confirm I was not missing something.

 

Thanks,

Mike

0 Helpful
Customers Also Viewed These Support Documents