03-26-2009 07:03 PM
i have a situation here. We have a LAN-2-LAN tunnel established. My end is an ASA; The tunnel is up but other end's addresses is non-routable on my end; We are not allow to make their addresses routable through routing protocol. Can i use NAT on the ASA to achieve this; or this is not possible?
Below is a drawing on this:
ASA ("my end") <---------> router (other end, address not routable on "my end").
03-27-2009 12:59 AM
Please let me know what are you trying to say by "non-routable on my end", is it that yo do not want them to access your devices or is it that you do not want to see there internal ip address.
03-27-2009 07:07 AM
On my end, the network is using 158.1.0.0/16 address space; On the other end of the tunnel, the network is using private address 192.168.1.0/24. I got the tunnel up, but traffic is not passing through. Do i need to translate the 192.168.1/0/24 address? i need to make 192.168.1.0/24 talks to 158.1.0.0/16.
Hope it makes it clear; thanks your help.
03-27-2009 10:30 AM
Hi,
Please check if the nat exempt statments are configured in correct order. Also check if nat-t is enabled.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: