Client subnet overlapping through vpn- Destination nat

Unanswered Question
Oct 9th, 2009
User Badges:

Hi,


Following is the scenerio:

Company A(172.16.1.0/24) > Company B(192.168.1.1/24)

Company A(172.16.1.0/24) > Company C(192.168.1.1/24


Need to establish VPN between A>B and A>C.


Is the destination nat is possible?

Is any other way to work on this case?

A only.

Note : We need to do changes on Company.


Please revert even though it is not possible. Appreciate your efforts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
auraza Fri, 10/09/2009 - 05:58
User Badges:
  • Cisco Employee,

If you only need to get from Comp B and C to A, and not between each other, then you would need to NAT on the Company B device, and then encrypt the NAT'd traffic.


access-list BtoA_nat permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0

static (i,o) 192.168.10.0 access-list BtoA_nat


access-list crypto_BtoA permit ip 192.168.10.0 255.255.255.0 172.16.1.0 255.255.255.0


Reference the access-list above in your crypto map.


On site A, your ACL would be:

access-list crypto_AtoB permit ip 172.16.1.0 255.255.255.0 192.168.10.0 255.255.255.0


PS. If this post was helpful, please rate it.

Actions

This Discussion