Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

NAT when client has same internal subnet as Concentrator private Interface

I have a vendor I would perfer to use VPN to connect to one of my servers with the software client instead of opening ports on my firewall. The problem is the vendor is behind a firewall using a 10.x.x.x network, the private interface of my concentrator is also a 10.x.x.x network. Can I tell the concentor to NAT my internal 10.x.x.x network? I would like to only nat 1 address. The VPN connects just fine. He just can't get to my equipement due to the addressing scheme.

Thanks

1 REPLY
Bronze

Re: NAT when client has same internal subnet as Concentrator pri

Hi,

you can try this:

1 - put all those users in a separate group, and assign them ip address (MODE CONFIG) via a pool , sth other than 10/8 network.

2 - Configure ALL tunneling for that group, ie no split tunneling.

they wont be able to access their local LAN while vpn is connected, but they should be able to access network behind vpn3k just fine.

Thanks,

Afaq

86
Views
0
Helpful
1
Replies
CreatePlease to create content