Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1523
Views
4
Helpful
2
Replies

Site to Site VPN to same internal IP address scheme

mparker
Level 1
Level 1

‎11-14-2007 10:42 AM - edited ‎02-21-2020 03:23 PM

We are setting up a site to site VPN tunnel with a third party but they have the same internal IP address scheme that we are currently using. We are both using a 172.16.x.x and we are initiating the connection.

Is there a way for me to double NAT our internal to a 192.168.x.x and send it down the tunnel?

Labels:
0 Helpful
2 Replies 2

ajagadee
Cisco Employee
Cisco Employee

‎11-14-2007 06:27 PM

Yes, this is possible. Please follow the below URL for configuration details.

Negotiation/IKE Protocols

Configuring an IPSec Tunnel Between Routers with Duplicate LAN Subnets

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800b07ed.shtml

Regards,

Arul

*Please rate if it helps*

mparker
Level 1
Level 1
In response to ajagadee

‎11-15-2007 09:13 AM

Thanks, that looks less complicated than I thought it would be and I am assuming it would be similar on a PIX?

I guess I should of added that I was going from a PIX to a VPN Concentrator. This office already has an established site-to-site VPN tunnel to HQ that sits on the 172.16.x.x network too. So the complication is defining the interesting traffic to HQ, which is already done, and then defining interesting traffic and NATing it to a 192.168.x.x for this third party vendor.

0 Helpful
Customers Also Viewed These Support Documents