Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
269
Views
0
Helpful
1
Replies

Site-To-Site VPN and NAT

bapatsubodh
Level 1
Level 1

‎09-26-2009 06:13 AM

Hi,

We have established site-to-site VPN between two locations over internet. This is between two hosts only as these are the only one which communicate with each other over IPSEC.

10.1.1.1 from location A to 192.168.1.1 from location B. ( nonat - access list has these hosts mentioned ). Tunnel is terminating on "outside" interface at both locations.

Now, we need to make 10.1.1.1 available to public internet using static address translation. ( static (inside,outside) PUBLIC_IP, 10.1.1.1 ). If we add this configuration will it work? Nonat as well as static dest. nat for the the same private address is kind of confusing me. Or is there any other way to have this done.

Can this be done not only on ASA but also on 3800 series ISR.

Please share the experience.

Any link on cisco.com is appreciable.

Thanks in advance.

Subodh

Labels:
0 Helpful
1 Reply 1

slmansfield
Level 4
Level 4

‎09-28-2009 08:00 AM

I think this example is what you're looking for using a router.

http://www.cisco.com/application/pdf/paws/14144/static.pdf

There are many examples of various combinations of VPN and NAT on the ASA. Here is a listing of them.

http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents