Configuring IPSec Tunnel Between Router and ASA with Duplicate LAN Subnets

Unanswered Question
Nov 27th, 2007
User Badges:

Guys, I need big help. I need to create a LAN-to-LAN tunnel between an 1841 and an ASA5510.


1841 LAN Subnet: 192.168.1.0/24

ASA5510 LAN Subnet: 10.11.20.0/24

Fake Subnet: 10.20.20.0/24


The ASA currently has few l2l tunnels and one of them is 192.168.1.0 which overlaps with the 1841 side.


So I need to do this at the router side. The ASA has already been configured and it is waiting for this tunnel to be up but with the fake address.


How can I setup the 1841 in such a way that any traffic destined to 10.11.20.0/24 will be converted to the fake address 10.20.20.0/24 so the ASA side will think this fake address is the real inside subnet of the 1841?


I need to do this in such a way that it will not change the 1841 current configuration which is a very simple config with a nat statement NATing the inside traffic to the public IP address of the outside interface. Here is that NAT statement:


ip nat inside source route-map ISP1 interface FastEthernet0/0 overload


Any help will not only be greatly appreciated



thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion