Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA VPN with two remote overlapping networks

We have a scenario with two VPN connected remote network (customers) each using the same LAN subnet.

Customer VPN1 = remote network 192.168.0.0/24

Customer VPN2 = remote network 192.168.0.0/24

Is there a way through the use of destination NAT or another NAT configuration to overcome this overlap? The customers cannot perform NAT on their side of the tunnel as their firewalls are not ASA (They are using Meraki) and do not support the NAT configuration.

 

Thanks!

Jamie

 

 

3 REPLIES
VIP Green

According to this KB article

According to this KB article the Meraki does support NAT for overlapping VPN:

https://kb.meraki.com/knowledge_base/using-vpn-translation-with-overlapping-subnets

If they still can not NAT on their end then this will be difficult to do on the ASA if both remote site VPNs terminate on the same interface.

--

Please remember to select a correct and rate helpful posts

--

Please remember to rate and select a correct answer
New Member

Thank you very much for the

Thank you very much for the response. I relayed this information to our customer with the Meraki firewall. He said he can NAT on the tunnel, however, the translation is global. It translates this for all VPN's not just the one terminating to my ASA. He has several VPN's and the others cannot be changed. Is there a way to translate on a a specific VPN tunnel while not affecting (not NATing) the other VPN tunnels on the Meraki firewall.? Thanks again.

Jamie

VIP Green

I am not sure if it does

I am not sure if it does support multiple VPN translations..or not.

Do both customer 1 and 2 not use an ASA or Cisco router? or do both use Meraki? If one of the customers has a device that supports translating VPN traffic, perhaps that customer would be willing to translate at their end?

--

Please remember to select a correct and rate helpful posts

--

Please remember to rate and select a correct answer
278
Views
0
Helpful
3
Replies
CreatePlease login to create content