L2L VPN Nat and relation to DNS

Steven Williams · ‎01-22-2014

So I had this topic on my mind today and dont know how to answer it or what to do.

If I have an ASA L2L VPN with another ASA and I have overlapping subnets and cant change the subnets, I need to access resources in both subnets. Ok so I need to NAT...so if my subnets that overlap are 10.32.1.0/24 the remote ASA will NAT their side as they have agreed, but what if I have a DNS zone for that remote 10.32.1.0/24 subnet....this will not work right?

My 10.32.1.0/24 addresses will be looking for an address of lets say 172.16.1.10 which then translates to 10.32.1.10 after it crosses the remote ASA. But from a local subnet standpoint the record for the host they need to access is still a 10.32.1.0/24 address? So I would have to re-address every record in DNS to coresponding 172.16.1.0/24 NATed address?

Steven Williams · ‎01-23-2014

Does anyone have any info this?

If I have two networks with L2L VPN tunnel that share the same DNS lookup zone and both networks are overlapping and I have to NAT one, how do hosts in one subnet access hosts in the other NATed network with FQDN?