Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA VPN Public and Private NAT to same address

I have several site to site VPNs connecting to an internal server using NAT because of overlapping space. An example would be something like this.

access-list 150 extended permit ip host 192.168.12.5 172.16.5.0 255.255.255.2

48

static (inside,outside) 192.168.12.5 192.168.1.7 netmask 255.255.255.255

I have a new place that wants to setup a VPN to the same address but require a public address setup so would require something like the following with my outside address they would communicate with being 4.2.2.25 in the example instead of 192.168.12.5 as above(obviously fake addresses.)

I have several site to site VPNs connecting to an internal server using NAT because of overlapping space. An example would be something like this.

access-list 155 extended permit ip host 4.2.4.25 192.168.55.0 255.255.255.2

48

static (inside,outside) 4.2.2.25 192.168.1.7 netmask 255.255.255.255

Obviously those NAT entries to both the private and public are going to overlap and interfere. Is there some way to do this without changing all the previous tunnels to use the public instead of private address?

163
Views
0
Helpful
0
Replies
CreatePlease to create content