Configuring Overlapping Private IP address VPN tunnels on PIX 520
MY firm runs Monitoring services for client companies to monitor their networks via VPN tunnels. We currently have about 10 clients and perhaps 50 networks that we NAT thru our PIX.
I have been presented with a situation in which I am taking on another customer with an Internal IP scheme of 192.168.1.0. I already have a 192.168.1.0 network defined in 2 ACL's on my PIX, one to not NAT and the other to match the crypto map. I need to configure my PIX so that i can do the same for both internal networks.
I recently upgraded the code on my PIX to 6.2.2. I know and have read about BI-NAT, but am not quite sure how to configure it.
Will bi-nat work to resolve my issue? Also is it mandatory that a PIX be on the other end of the tunnel at the second company?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...