Lan-to-Lan VPN Poblem with overlapping networks and NAT
i have problems configuring a Lan-to-Lan VPN Tunnel on a 3030 Concentrator using NAT because of overlapping networks. The problem is, that i want to make NAT to an network where the concentrator´s LAN ip address is already inside. For a better explanation:
LAN IP VPN Concentrator: 192.168.3.100 (Subnet Mask ist 24)
Network on partner side: 192.168.3.x /22
So i tried configuring NAT for the network 192.168.3.0 / 22 to 192.168.50.0 / 22 but the concentrator didn´t accept this cause of his own LAN IP Adress. Is there any solution what i can do for getting the NAT to work? On the Partner side the device isn´t able to do a NAT, as i heared.
Re: Lan-to-Lan VPN Poblem with overlapping networks and NAT
What is used in the other part (partner) to get outside to public network? Is it a vpn3000, router or firewall?
Is your vpn 3000 outside interface connected directly to public network?
Possible solutions is to place a NAT static device between your local network and the vpn 3000 or place a NAT device that will connect the vpn 3000 to the public network and perform static translation because on your vpn 3000 you can only do Port Address Translation (PAT) for the users going out. You cannot do static NAT on the VPN 3000 Concentrator.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :