02-18-2009 02:45 AM - edited 03-09-2019 10:03 PM
Hi All,
Is there a way of achieving the following.
I have a site-to-site IPSEC VPN between two sites where the remote end accesses a URL connecting to a server at our end. This server is be re-allocated and we are wanting them to access a new one. Without changing the remote end config, is there a way of redirecting the traffic to the new server by way of nat or re-direction etc?
Traffic flow - remote host url resolves to local IP 10.10.10.10. I want to force this to look like 10.10.10.11 when it gets to our end.
Not sure if this is possible as the IP's are on the same local network.
Cheers
Andy
02-18-2009 04:59 AM
Easiest way is to change the DNS entry for the URL.
HTH>
02-18-2009 06:53 AM
exactly what I have said to our customer. I dont think it can be achieved......
02-18-2009 07:00 AM
OK - can you post your current config, removed sensitive information.
02-18-2009 07:13 AM
The first thing you have to do is remove the nat exemption for this connection as you now want to nat it.
access-list nat0 deny ip host 10.10.10.10
then add your new static...
static (inside,outside) 10.10.10.10 10.10.10.11 netmask 255.255.255.255
Also make sure that 10.10.10.11 is part of your crypto acl's.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide