L2L VPN with nat

Answered Question
Apr 8th, 2010

HI All

I am quite inexperienced on this subject and would greatly appreciate guidance on this

I need to create a VPN tunnel between our site and a remote site. 

On our site, we are a 192.168.0.X network our external ip address is 12.53.150.100

The site we will need to connect to is 69.144.38.48

We need to have it go from host to host meaning 192.168.0.97 --> 69.144.38.50 and they want our ip to be translated to 10.9.250.1

Thanks in advance

Jason

I have this problem too.
0 votes
Correct Answer by droeun141 about 6 years 8 months ago

Are you familiar with setting up a regular L2L tunnel? in addition to that, you would just need to create a policy nat:

access-list 100 extended permit ip host 192.168.0.97 host 69.144.38.50

static (inside,outside) 10.9.250.1 access-list 100

When defining your crypto ACL, you would specify 10.9.250.1 as the source instead of 192.168.0.97.

Let me know if you need any more help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
jnarenkivicius Thu, 04/08/2010 - 11:12

Hi,  Thanks for the quick reply

Sorry I not too savy with this device+

I have created the L2L tunnel before using the ASA 5505 VPN wizard.

can you explain that a little more

Thanks

Jason

droeun141 Thu, 04/08/2010 - 11:41

Is it a PIX or an ASA? did the remote side give you any of their config? phase 1, phase 2, etc.

Correct Answer
droeun141 Thu, 04/08/2010 - 10:57

Are you familiar with setting up a regular L2L tunnel? in addition to that, you would just need to create a policy nat:

access-list 100 extended permit ip host 192.168.0.97 host 69.144.38.50

static (inside,outside) 10.9.250.1 access-list 100

When defining your crypto ACL, you would specify 10.9.250.1 as the source instead of 192.168.0.97.

Let me know if you need any more help.

Actions

This Discussion

Related Content