I have a VPN to an external company. This VPN is connected to the ASA's outside interface and they just need to access a VLAN which is connected to the ASA - all works. This VLAN they connect to is on a Cisco 3750 switch which is simply connected to one of the gigabit ports on the ASA.
This external company connects to the VLAN IP range of 172.29.x.x/16, now in my LAN I have a monitoring server on 192.168.12.91 that needs to ping a server on their LAN which is 10.10.1.1, they already have a server on 192.168.12.91 so how can I NAT this IP to say a 172.29.x.x ip?
If I understand correctly, you have a server on the inside at 192.168.12.91 that needs to connect to the 10.10.1.1 server on the other side, but they also have a server with the IP 192.168.12.91. You can NAT 192.168.12.91 in your LAN so that it appears as a 172.29.x.x address through that tunnel by using policy NAT.
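The policy NAT suggested above, as an added example that is not part of the original thread, written in pre-8.3 ASA syntax (an assumption, based on the nat0 and crypto map ACLs quoted elsewhere in the thread). The ACL name `policy_nat_monitor`, the interface names `inside` and `outside`, and the placeholder address are assumptions; replace the placeholder with one unused address from the 172.29.0.0/16 range.

```cisco
! Added example, not from the original thread. Pre-8.3 static policy NAT.
! Match only the monitoring server talking to the remote server, so every
! other flow from 192.168.12.91 keeps its real address.
access-list policy_nat_monitor extended permit ip host 192.168.12.91 host 10.10.1.1

! Present 192.168.12.91 as a 172.29.0.0/16 address for that flow only.
! <UNUSED-172.29-ADDRESS> is a placeholder, not a value from the thread.
static (inside,outside) <UNUSED-172.29-ADDRESS> access-list policy_nat_monitor

! The existing crypto ACL already covers the translated source, so the
! phase 2 selectors stay as they are:
!   access-list outside_2_cryptomap extended permit ip 172.29.0.0 255.255.0.0 10.10.1.0 255.255.255.0
! The NAT exempt ACL matches 172.29.0.0/16 sources only, so it does not
! exempt 192.168.12.91 and the static rule above still applies.

! Check the translation and the path the ping would take:
show xlate
packet-tracer input inside icmp 192.168.12.91 8 0 10.10.1.1
```

Because the translation happens before the crypto ACL is evaluated, the remote side only ever sees the 172.29.0.0/16 source, and the tunnel does not need to carry the overlapping 192.168.12.0 range.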
Hi, the 192.168.12.91 host is on my LAN (inside). This VPN to this external company has the 172.29.x.x/16 subnet allowed only through this SA's, so I thought if I NAT the 192.168.12.91 IP to that range there is less to configure on the phase 2 IPSec that is working.
This is what I found:
access-list outside_2_cryptomap extended permit ip 172.29.0.0 255.255.0.0 10.10.1.0 255.255.255.0
Hi, I will need to spend some time editing my config for security reasons, but will do, unless you can state the sections you need.
For my understanding you say I am using 172.29.0.0/16 to nat any inside address, what part of the config does that? This NAT exempt rule access-list inside_outbound_nat0_acl extended permit ip 172.29.0.0 255.255.0.0 10.10.1.0 255.255.255.0