overlapping network via vpn

Answered Question
May 6th, 2008

i have a business partner who needs to vpn into our pix/network and they have a couple subnets that overlap with some of ours - how should this be handled?

thanks - Jerry

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
srue Tue, 05/06/2008 - 09:20

either side can do this with policy NAT (or at least i know that your PIX can). Create a new IP range to NAT the overlapping subnets to (on one side or the other) and use the new IP range in the crypto acl.

It sounds you like you probably need " static policy nat ".

Here's the link for static policy nat for 7.2, the commands are the same for 6.3 as well.

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/cfgnat.html#wp1042553

jerry.mcrae Tue, 05/06/2008 - 09:23

can you point me to a white paper or config example. i will research policy NAT in the mean time.

thanks - Jerry

Actions

This Discussion