Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Client, overlapping address space

I've got some systems on my internal network sitting in 192.168.1.*, which is also a very popular subnet for homes and hotels.  When users are on 192.168.1.* remotely they can establish a tunnel but have trouble accessing servers on my internal 192.168.1.* network because the VPN client thinks those machines are local to the remote client and doesn't direct the traffic into the tunnel.

Is there some NAT trick that will solve this problem?  I'm moving my internal systems out of 192.168.1.* as they come up for replacement, but that could take a long time.

Thanks

Pat

Everyone's tags (2)
1 REPLY
Bronze

Re: VPN Client, overlapping address space

Hi Patrick,



Try the command on your PIX/ASA


crypto isakmp nat-traversal 20.

And make sure you have NAT 0 statement on ASA to bypass NAT for VPN traffic to client.





Regards

M

Mohit Paul CCIE-Security 35496 P.S Please do rate this post if you find it helpful to make it easier for others seeking answers to similar queries
598
Views
0
Helpful
1
Replies
CreatePlease to create content