Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT traffic heading to VPN

I have a conflicting network (192.168.20.x/24) that I need to connect to a peer with the same network on their end.

Our inside IP addresses are in the 10.x.x.x range, as well as some 192.168.x.x addresses. Now here is what I am trying to accomplish - hopefully someone can tell me if it is even possible:

I want to connect to 192.168.206.20, which will then be NAT'd in the firewall to be 192.168.20.20 as the destination IP. Then it will head over the VPN tunnel, where we show as a source IP of a publicly registered IP address (1.2.3.4 for this example).

Hopefully someone can follow my request - Cisco TAC couldn't seem to grasp what I was trying to do.

Thanks in advance!

2 REPLIES
Cisco Employee

Re: NAT traffic heading to VPN

This will not work. From what I understand, your source IP is 192.168.206.20, which is NAT'd by the firewal to 192.168.20.20, however, the remote network that you are connecting to is also 192.168.20.20. You can't NAT the 192.168.20.20 once its already been NAT'd, and then put it in the tunnel. If my understanding is not clear, please draw the topology out so its a bit clearer, with IPs, etc.

New Member

Re: NAT traffic heading to VPN

So what I am looking at is to have the remote end accept traffic from our 192.168.202.x addresses, and then they will translate from that to their real IP addresses?

131
Views
0
Helpful
2
Replies