I have a requirement to set up an IPsec tunnel to allow remote users access to a subnet on the inside. The same subnet is already in use elsewhere on the inside network. My VPN tunnel terminates on the ASA (7.2) on the outside interface. I want to NAT the source address of this traffic before it goes to the inside.
My ASA is:
192.168.198.138/28 (outside)|ASA|(inside) 192.168.198.36/28
The traffic coming from the tunnel is 10.2.0.0/22 going to 10.172.152.64/27. My tunnel is up and running. How can I NAT/PAT this traffic?
Is this possible:
nat (outside) 5 access-list Site_A_VPN_IN outside
global (inside) 5 10.58.200.31
access-list Site_A_VPN_IN extended permit ip 10.2.0.0 255.255.252.0 10.172.152.64 255.255.255.224
Do I need to allow this on the ACL for the outside interface?
Any help would be appreciated.