I only have a basic VPN understanding and I'm in a bit of a mess...
The problem that I'm facing is that I have a client that has the same private ip subnet as myself. I understand that I need to perform NAT but the issue is that I want to perform NAT for one subnet for one client only, leaving all else the same.
Looking at the config (I have a 3640), I would think I need something like this:
ip address x.x.x.x 255.255.255.0
ip nat inside
crypto map wwmap
route-map test permit 10
match ip address 110
access-list 110 permit ip 172.16.0.0 0.0.255.255 172.28.0.0 0.0.255.255
ip nat inside source static 172.16.0.50 172.28.0.50 route-map test
Where 172.16.0.0/16 is the source subnet and 172.28.0.0/16 is what I want to NAT to. Also, I only have one host (172.16.0.50) that they need to access.
They will perform similar their end so I just see their 172.16.0.0/16 as its NATted address.
How to I ensure that no other NATting takes place? I assume as my config stands all else would fail?
Any help much appreciated. All articles I find assume that you want NAT to take place for all out going traffic but this is not the case.
Apologies for delay in getting back.
You will need a "ip nat inside" on your inside interface and an "ip nat outside" on your outside interface.
No it will only effect the traffic you have included in your access-list.
Yes it should work for connections initiated from 192.168.0.0/24 clients.
No need to apologize, NAT is not one of the most obvious things to be honest.
Also, as with any changes you need to implement these out of hours if possible. What should work in theory often has a way of not in practice :)