11-14-2007 10:42 AM - edited 02-21-2020 03:23 PM
We are setting up a site to site VPN tunnel with a third party but they have the same internal IP address scheme that we are currently using. We are both using a 172.16.x.x and we are initiating the connection.
Is there a way for me to double NAT our internal to a 192.168.x.x and send it down the tunnel?
11-14-2007 06:27 PM
Yes, this is possible. Please follow the below URL for configuration details.
Negotiation/IKE Protocols
Configuring an IPSec Tunnel Between Routers with Duplicate LAN Subnets
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800b07ed.shtml
Regards,
Arul
*Please rate if it helps*
11-15-2007 09:13 AM
Thanks, that looks less complicated than I thought it would be and I am assuming it would be similar on a PIX?
I guess I should of added that I was going from a PIX to a VPN Concentrator. This office already has an established site-to-site VPN tunnel to HQ that sits on the 172.16.x.x network too. So the complication is defining the interesting traffic to HQ, which is already done, and then defining interesting traffic and NATing it to a 192.168.x.x for this third party vendor.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide