I am trying to establish a site-to-site VPN tunnel with a customer that is using a 3000 series concentrator. The problem is that our internal LAN IP subnets overlap so they want me to use our public IPs to establish the tunnel.
I have three internal servers that need to use this tunnel and they are in the 192.168.16.0/24 subnet. I have the server IPs mapping to external IPs with a NAT list on the ASA so each server has a unique IP in the world. The customer has configured their security to only allow traffic from these external IPs.
On the ASA I used the site-to-site VPN wizard to configure the tunnel and tripled checked all of the configuration information to make sure it was the same on both ends. When we try to connect nothing happens.
If I change the protected local network to my internal IP of 192.168.16.x and try to connect the customer gets an error on their end stating that there was a network mismatch and the connection was terminated. When I change the protected network back to the static external IP and try to connect nothing happens.
I am lost on this and would appreciate any help.