Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Member

NAT incoming VPN Tunnel

I have a new vpn tunnel that I would like to NAT to the internal network address space. The new tunnel is coming from 172.31.17.0 and the existing LAN on the ASA is 172.31.16.0 Is there a good solution to make the incoming tunnel hav a source address from the 172.31.16.0 network to access other resources?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: NAT incoming VPN Tunnel

Tom

Assuming it is a site-to-site VPN and assuming a spare IP address of 172.31.16.10

nat (outside) 2 172.31.17.0 255.255.255.0 outside

global (inside) 2 172.31.16.10

OR if you want to use the interface address

global (inside) 2 interface

Note i have used a nat-id of 2 in the example, just use a nat-id that is unused.

Jon

4 REPLIES
Hall of Fame Super Blue

Re: NAT incoming VPN Tunnel

Tom

Is this a site-to-site VPN tunnel ?

Do you have a spare IP address in the 172.31.16.x subnet or do you want to use the inside interface address on the ASA ?

Jon

New Member

Re: NAT incoming VPN Tunnel

Jon,

I could use either. The interface is 172.31.16.1 or I could utilize an open IP on the inside.

Tom

Hall of Fame Super Blue

Re: NAT incoming VPN Tunnel

Tom

Assuming it is a site-to-site VPN and assuming a spare IP address of 172.31.16.10

nat (outside) 2 172.31.17.0 255.255.255.0 outside

global (inside) 2 172.31.16.10

OR if you want to use the interface address

global (inside) 2 interface

Note i have used a nat-id of 2 in the example, just use a nat-id that is unused.

Jon

New Member

Re: NAT incoming VPN Tunnel

Jon,

Thanks for your help. This will work.

Tom

180
Views
0
Helpful
4
Replies
CreatePlease to create content