Unanswered Question
May 13th, 2009

Is it possible to NAT VPN traffic to an address that does not exist on either interface.

For example if two sites have overlapping address ranges (say both have an internal network of (1.1.1.x). The outside space between the firewalls are 2.2.2.x, can I nat the interesting traffic to 3.3.3.x?, or does it have to be NAT'd to an address on the outside interface...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Wed, 05/13/2009 - 11:12

You can NAT it to whatever you want and as long as your crypto map acl's that define interesting traffic refer to the Natted address you will be fine.



This Discussion