Multiple VPN's to different company's using the same ipaddressrange

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (2 ratings)
kaachary Fri, 03/09/2007 - 04:50
User Badges:
  • Cisco Employee,

Yes, you can have the subnet natted specifically for this tunnel.

You can use policy based natting for this.

Its always a good idea to do NAT on both the ends, to avoid complexity in the config.

*Please rate if this helped.


kaachary Fri, 03/09/2007 - 05:10
User Badges:
  • Cisco Employee,

Giving you an example :

Let's say the network on both the ends is

On Watchgaurd they nat it to

On your side, say , yu nat it to

The policy nat statements would be like this:

1: Create an acl for to identify traffic :

access-list policy_nat

Define a static NAT with policy :

static (inside,outside) access-list policy_nat

And you crypto ACL would look like :

access-list cry_acl

You should be good to go !

*Please rate if helped.



This Discussion