05-06-2008 07:39 AM - edited 03-11-2019 05:40 AM
i have a business partner who needs to vpn into our pix/network and they have a couple subnets that overlap with some of ours - how should this be handled?
thanks - Jerry
Solved! Go to Solution.
05-06-2008 09:38 AM
05-06-2008 09:20 AM
either side can do this with policy NAT (or at least i know that your PIX can). Create a new IP range to NAT the overlapping subnets to (on one side or the other) and use the new IP range in the crypto acl.
It sounds you like you probably need " static policy nat ".
Here's the link for static policy nat for 7.2, the commands are the same for 6.3 as well.
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/cfgnat.html#wp1042553
05-06-2008 09:23 AM
can you point me to a white paper or config example. i will research policy NAT in the mean time.
thanks - Jerry
05-06-2008 09:38 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide