Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Overlapping Subnets on IPSec VPN between ASA and IOS Router

I currently have two networks, the primary site behind an ASA5505 and a new remote site behind an 2911 and I need to establish an IPSec site-to-site VPN from the remote site into my primary behind the ASA.  I have several remote sites built in this manner and getting a VPN stood up between the two sites isn't a difficult task for me.  This new site, however, is the first time I'm encountering overlapping IP space.  For simplification I'll just say that both sides are using 192.168.1.0/24.  The way I'd like to handle this is to take a non-conflicting /24 block and nat the remote side behind that range.  Initially I'll only need access to 1 server behind that /24 block so I'm also thinking I'd probably just want to set the server on the remote side to a good static local address then just nat a single IP from the non-conflicting /24 block.  Then when the 2nd server comes online get it statically set on the remote side and slap a new nat rule in place.

Any suggestions on where to go with this? 

Thanks!

Everyone's tags (5)
2 REPLIES
New Member

Overlapping Subnets on IPSec VPN between ASA and IOS Router

I haven't configured this yet, however the following link makes sense:

http://roggyblog.blogspot.com/2009/10/pixasa-site-to-site-l2l-vpn-with_27.html

The configuration in that link allows you to configure a site to site VPN with overlapping subnets.

Cisco Employee

Overlapping Subnets on IPSec VPN between ASA and IOS Router

3881
Views
0
Helpful
2
Replies
CreatePlease to create content