Configuring IPSec Tunnel Between Router and ASA with Duplicate LAN Subnets
Guys, I need big help. I need to create a LAN-to-LAN tunnel between an 1841 and an ASA5510.
1841 LAN Subnet: 192.168.1.0/24
ASA5510 LAN Subnet: 10.11.20.0/24
Fake Subnet: 10.20.20.0/24
The ASA currently has few l2l tunnels and one of them is 192.168.1.0 which overlaps with the 1841 side.
So I need to do this at the router side. The ASA has already been configured and it is waiting for this tunnel to be up but with the fake address.
How can I setup the 1841 in such a way that any traffic destined to 10.11.20.0/24 will be converted to the fake address 10.20.20.0/24 so the ASA side will think this fake address is the real inside subnet of the 1841?
I need to do this in such a way that it will not change the 1841 current configuration which is a very simple config with a nat statement NATing the inside traffic to the public IP address of the outside interface. Here is that NAT statement:
ip nat inside source route-map ISP1 interface FastEthernet0/0 overload
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...