The above configurations don't really match what you are describing before them. Also, I think you need to NAT both sites' source networks, since even though Site A might be connecting to another network (192.168.73.0/24), Site B would still be seeing connections coming from network 192.168.10.0/24 on its outside interface while it has the same network on its inside.
I might have totally misunderstood the original post, though.
Let's look through all the information needed for the L2L VPN.
Site A network(s):
192.168.10.0/24 (NAT 192.168.20.0/24, for example)
Site B network(s):
192.168.10.0/24 (NAT 192.168.73.0/24)
The L2L VPN encryption domain / interesting ACL and NAT configurations would look something like this:
access-list SITE-A-L2L-VPN-ACL permit ip 192.168.20.0 255.255.255.0 192.168.73.0 255.255.255.0
access-list SITE-A-L2L-VPN-ACL permit ip 192.168.80.0 255.255.255.0 192.168.73.0 255.255.255.0
access-list SITE-A-L2L-VPN-ACL permit ip 192.168.200.0 255.255.255.0 192.168.73.0 255.255.255.0
access-list SITE-A-VPN-NONAT remark NO NAT for the below networks
access-list SITE-A-VPN-NONAT permit ip 192.168.80.0 255.255.255.0 192.168.73.0 255.255.255.0
access-list SITE-A-VPN-NONAT permit ip 192.168.200.0 255.255.255.0 192.168.73.0 255.255.255.0
nat (inside) 0 access-list SITE-A-VPN-NONAT
access-list SITE-A-VPN-POLICYNAT permit ip 192.168.10.0 255.255.255.0 192.168.73.0 255.255.255.0
The above configuration should do the following for SITE A:
The first ACL will define the source and destination networks for the L2L VPN connection. Two of your local networks will not be NATed and will show with their original addresses. The overlapping network 192.168.10.0/24 will show as the NATed network 192.168.20.0/24. Also, the destination network is 192.168.73.0/24, which is NATed at the SITE B device.
The second ACL and the nat (inside) 0 statement configure that your non-overlapping networks will be visible to SITE B with their original addresses.
The third ACL and static statement configure that your local overlapping network 192.168.10.0/24 will show as the NAT network 192.168.20.0/24 to SITE B when it's connecting to the remote network 192.168.73.0/24.
access-list SITE-B-L2L-VPN-ACL permit ip 192.168.73.0 255.255.255.0 192.168.20.0 255.255.255.0
access-list SITE-B-L2L-VPN-ACL permit ip 192.168.73.0 255.255.255.0 192.168.80.0 255.255.255.0
access-list SITE-B-L2L-VPN-ACL permit ip 192.168.73.0 255.255.255.0 192.168.200.0 255.255.255.0
access-list SITE-B-VPN-POLICYNAT permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
access-list SITE-B-VPN-POLICYNAT permit ip 192.168.10.0 255.255.255.0 192.168.80.0 255.255.255.0
access-list SITE-B-VPN-POLICYNAT permit ip 192.168.10.0 255.255.255.0 192.168.200.0 255.255.255.0
The above configuration should do the following for SITE B:
The first ACL will define the source and destination networks for the L2L VPN connection. Your source network will be the NATed network 192.168.73.0/24 of the real network 192.168.10.0/24. The destination networks will be SITE A's NATed network 192.168.20.0/24 of their local network 192.168.10.0/24 and the NoNAT networks 192.168.80.0/24 and 192.168.200.0/24.
The second ACL and NAT statement tell the device that when the SITE B local network 192.168.10.0/24 is connecting to any of the SITE A networks, it will be NATed to the network 192.168.73.0/24.
To be honest, I can't see how this would work when you consider that you would tell the VPN device that the source and destination network are both the same for both sites.
Or I have just misunderstood this thing completely.
Though I've got to say that all these NAT and VPN configurations are the easiest when both endpoints handle their NAT configurations separately. So if it's in any way possible, I suggest you get someone to handle the configurations on the other end so that you don't have to deal with the situation alone.
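
The following is an added example, not part of the original post and not Cisco tooling: a Python check of the addressing plan above. It verifies that the two crypto ACLs mirror each other, that every ACL source is a post-NAT local network, and that no remote network overlaps a local inside network. The dict layout and the function names are assumptions made for this example.

```python
import ipaddress as ip

# Addressing plan from the post. The dict layout and the function names are
# assumptions made for this added example, not ASA features.
SITE_A = {
    "inside": ["192.168.10.0/24", "192.168.80.0/24", "192.168.200.0/24"],
    "nat": {"192.168.10.0/24": "192.168.20.0/24"},  # policy NAT, 1:1
    "crypto_acl": [("192.168.20.0/24", "192.168.73.0/24"),
                   ("192.168.80.0/24", "192.168.73.0/24"),
                   ("192.168.200.0/24", "192.168.73.0/24")],
}
SITE_B = {
    "inside": ["192.168.10.0/24"],
    "nat": {"192.168.10.0/24": "192.168.73.0/24"},
    "crypto_acl": [("192.168.73.0/24", "192.168.20.0/24"),
                   ("192.168.73.0/24", "192.168.80.0/24"),
                   ("192.168.73.0/24", "192.168.200.0/24")],
}

def presented(site):
    """Networks a site shows to its peer: mapped if NATed, else unchanged."""
    return {ip.ip_network(site["nat"].get(n, n)) for n in site["inside"]}

def translate(site, host):
    """1:1 network NAT: keep the host offset, swap the network prefix."""
    addr = ip.ip_address(host)
    for real, mapped in site["nat"].items():
        real, mapped = ip.ip_network(real), ip.ip_network(mapped)
        if addr in real:
            return str(mapped.network_address + (int(addr) - int(real.network_address)))
    return host

def check(local, remote):
    """Return the problems in the local site's encryption domain."""
    nets = lambda acl: [(ip.ip_network(s), ip.ip_network(d)) for s, d in acl]
    acl = nets(local["crypto_acl"])
    problems = []
    if set(acl) != {(d, s) for s, d in nets(remote["crypto_acl"])}:
        problems.append("crypto ACLs are not mirror images")
    for src, dst in acl:
        if src not in presented(local):
            problems.append(f"source {src} is not a post-NAT local network")
    for dst in sorted({d for _, d in acl}):
        for n in local["inside"]:
            if dst.overlaps(ip.ip_network(n)):
                problems.append(f"remote {dst} overlaps local inside {n}")
    return problems
```

With the plan as posted, `check` returns an empty list for both sites. Removing Site A's NAT so that it presents 192.168.10.0/24 makes Site B's check report the overlap with its own inside network.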