I currently have two networks, the primary site behind an ASA5505 and a new remote site behind an 2911 and I need to establish an IPSec site-to-site VPN from the remote site into my primary behind the ASA. I have several remote sites built in this manner and getting a VPN stood up between the two sites isn't a difficult task for me. This new site, however, is the first time I'm encountering overlapping IP space. For simplification I'll just say that both sides are using 192.168.1.0/24. The way I'd like to handle this is to take a non-conflicting /24 block and nat the remote side behind that range. Initially I'll only need access to 1 server behind that /24 block so I'm also thinking I'd probably just want to set the server on the remote side to a good static local address then just nat a single IP from the non-conflicting /24 block. Then when the 2nd server comes online get it statically set on the remote side and slap a new nat rule in place.
Any suggestions on where to go with this?