I am trying to NAT through a new tunnel with an outside vendor.
Lets say that he has a 10.10.0.0/24 subnet and the network I am trying to connect him with is also a 10.10.0.0/24 subnet.
Since I have other tunnels coming in to a server on my 10.10.0.0/24 subnet I am thinking that I want to NAT his subnet on it's way into my network through the VPN.
This is the relevant confg snippets for what I am trying to do (assume the crypto maps etc... are correct). Does this look right?
static (outside,inside) 10.10.0.0 172.20.0.0 netmask 255.255.255.0
!
object-group network MY-SERVER
network-object 10.10.0.12 255.255.255.255
!
object-group network Vendor-Connect-To-Me
network-object 172.20.0.0 255.255.255.0
!
access-list nonat permit ip object-group MY-SERVER object-group Vend-Connect-To-Me
access-list Vend permit tcp object-group MY-SERVER object-group Vend-Connect-To-Me eq 23