NAT on lab

Unanswered Question
Oct 19th, 2008
User Badges:


I have a VPN lab setup between 2 routers into a vlan to act like a VPN:

Router 1 FE > Switch with Internet VLAN < Router 2 FE

The routers only have 1 FE port each, so these act as their external interface, each router has a loopback interface to act as their local LAN.

Now I want to assume that both LAN's (loopbacks) use the same IP range, I would like one of the routers to NAT so each LAN can communicate so one of the LAN's uses a completely different IP range. How can I do this? I assume I will need another device to provide the NATing?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ryel.dsouza Sun, 10/19/2008 - 09:10
User Badges:

It's not clear to me what exactly u want to do ??? is it that u want to configure a site to site vpn on both routers.

Also u will not need another device to do NAT

jamesgonzo Sun, 10/19/2008 - 09:28
User Badges:


As mention "I have a VPN lab setup between 2 routers" sorry if this wasn't clear.

Anyway I have a VPN lab setup and now want to assume that one of the sites IP ranges (on the loopback) is now the same range as the other site (also on the loopback), I want to NAT one site so they can ping each other.

I've created VPN's before between companies but have yet to have it where my LAN's IP clashes with a remote site/company but it will happen, so I need to practice this.

My 2 routers only have 1 FE each which go into the "internet" vlan on the switch, I have created a loopback on each for the LAN of each site.

Marwan ALshawi Sun, 10/19/2008 - 15:22
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

i am not sure 100%

but as static nat processed first

make static nat for one of ur internal LANs

which translat the entire subnet

then make nat exmption for the nated address

and make the source of ur crypto ACL the nat address

good luck


This Discussion