L2L VPN Tunnel to client’s remote networks. I am required to NAT my private network to a publicly routable unique network.
Local network: 192.168.1.0
NAT to Network: 71.x.x.96 255.255.255.224 (Range provided by ISP)
Outside INT of ASA: 71.x.x.115
Remote Network: 10.10.10.0
access-list crypto extended permit ip 71.x.x.96 255.255.255.224 10.10.10.0 255.255.255.0
The tunnel comes up, but my internal hosts are unable to access the tunnel because I am not NAT’ing the inside to the NAT-to addresses correctly. Below is what I have tried.
Use of Policy NAT
Access-list policy-nat extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0
Static (inside,outside) 71.x.x.0 access-list policy NAT
This doesn’t work: when I run show xlate, I see the following over and over again.
Global 71.x.x.0 Local 192.168.1.0. It never translates the next host, for example Global 71.x.x.97 Local 192.168.0.1. Traffic does not pass through the tunnel to allow access to the host.
If anyone can please help, I would greatly appreciate it. I’ve also found another possibility, but I am not exactly sure how to implement it.
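An added example, not part of the original post: a small Python check of the address arithmetic behind the setup described above. It assumes a network static keeps each host's last octet and only swaps the prefix, so 192.168.1.N becomes 71.x.x.N, and it uses the documentation prefix 203.0.113.0/24 as a constructed stand-in for the elided 71.x.x octets.

```python
import ipaddress

# Constructed stand-ins: the post elides the public octets (71.x.x), so the
# RFC 5737 documentation prefix 203.0.113.0/24 is used in their place.
INSIDE = ipaddress.ip_network("192.168.1.0/24")
NAT_RANGE = ipaddress.ip_network("203.0.113.96/27")   # stands in for 71.x.x.96/27
ASA_OUTSIDE = ipaddress.ip_address("203.0.113.115")   # stands in for 71.x.x.115
STATIC_BASE = ipaddress.ip_address("203.0.113.0")     # stands in for 71.x.x.0


def net_static_translate(host, local_net, global_base):
    """Assumed model of a network static: keep the host bits, swap the prefix."""
    host = ipaddress.ip_address(host)
    if host not in local_net:
        raise ValueError(f"{host} is not in {local_net}")
    offset = int(host) - int(local_net.network_address)
    return ipaddress.ip_address(int(global_base) + offset)


def matches_crypto_source(host):
    """True if the translated source falls inside the crypto ACL's source range."""
    return net_static_translate(host, INSIDE, STATIC_BASE) in NAT_RANGE


def usable_pool():
    """NAT-range addresses left for inside hosts (no net/broadcast, no ASA interface)."""
    return [a for a in NAT_RANGE.hosts() if a != ASA_OUTSIDE]


def audit():
    """Summarise how many inside hosts the crypto ACL and the /27 can cover."""
    inside_hosts = list(INSIDE.hosts())
    covered = [h for h in inside_hosts if matches_crypto_source(h)]
    return {
        "inside_hosts": len(inside_hosts),
        "pool_size": len(usable_pool()),
        "hosts_matching_crypto_acl": len(covered),
        "first_covered": str(covered[0]),
        "last_covered": str(covered[-1]),
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

Under that assumption only inside hosts .96 through .127 translate to a source the crypto ACL matches, and the /27 cannot hold a one-to-one mapping for a full /24, which also has to leave out the ASA's own outside address.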