Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Hide LAN behind 1 IP - VPN

HI there.

I've been asked to configure a VPN to a remote office location and to NAT my Office VLAN behind one fixed IP.

My office VLAN: 172.16.101.0/24

Assigned static IP: 172.16.101.250

Remote Office: 10.192.0.0/24

I am ok to configure the VPN and IPSEC rules but how do i configure the NAT so that my office lvan is hidden behind the 1 static IP when access the VPN?

2 REPLIES

Hide LAN behind 1 IP - VPN

Hello Jamie,

You need to follow the following instructions or steps:

1-The Nat rule

access-list TEST permit ip 172.16.101.0 255.255.255.0  10.192.0.0 255.255.255.0

static (inside,outside) 172.16.101.250 access-list TEST

2- Change the crypto ACL on both sites

Now it should look like this on this ASA:

access-list VPN permit ip host  172.16.101.250  10.192.0.0 255.255.255.0

On the other side

access-list VPN permit ip  10.192.0.0 255.255.255.0   host  172.16.101.250

Regards,

Do rate all the helpful posts,

Julio.

Security TAC engineer

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Hide LAN behind 1 IP - VPN

access-list TEST permit ip 172.16.101.0 255.255.255.0  10.192.0.0 255.255.255.0

Is this section created within the access rules list?

313
Views
3
Helpful
2
Replies
CreatePlease login to create content