Overlapping Subnets on IPSec VPN between ASA and IOS Router

Unanswered Question
Feb 3rd, 2012
User Badges:

I currently have two networks, the primary site behind an ASA5505 and a new remote site behind an 2911 and I need to establish an IPSec site-to-site VPN from the remote site into my primary behind the ASA.  I have several remote sites built in this manner and getting a VPN stood up between the two sites isn't a difficult task for me.  This new site, however, is the first time I'm encountering overlapping IP space.  For simplification I'll just say that both sides are using 192.168.1.0/24.  The way I'd like to handle this is to take a non-conflicting /24 block and nat the remote side behind that range.  Initially I'll only need access to 1 server behind that /24 block so I'm also thinking I'd probably just want to set the server on the remote side to a good static local address then just nat a single IP from the non-conflicting /24 block.  Then when the 2nd server comes online get it statically set on the remote side and slap a new nat rule in place.


Any suggestions on where to go with this? 


Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion