Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN to 5 sites with same IP

I have an ASA 5510 and 5 sites with ASA 5505's.

Each of the remote sites have 10.10.10.0/24 networks with the main site being 10.11.10.0/24

Because this is a server provider model, I cannot make those distant networks change their range.

How could I create a VPN from those remote sites to me if they have the same IP ranges and still communicate?

Could I use some sort of 1 to 1 nat where customer #1 used 10.1.1.0/24 and #2 was 10.1.2.0/24   and I did 1 to 1 nat of addressing on my side to the machines i need to see on the remote side?

2 REPLIES

Re: VPN to 5 sites with same IP

Hi Justin,

The easiest way is if you can NAT on the remote 5505s.

If definitely there's no access to the remote sites... you can NAT inbound source traffic for the remote networks on the central site but this won't work because the ASA won't know how to NAT one remote site from another.(The ASA won't support virtualization of multiple contexts with VPN).

Recommendation will be to NAT on the remote ends.

Federico.

New Member

Re: VPN to 5 sites with same IP

That was my thought (trying to find a config example, but i think trying it is best)

If we can get the remote ASA device to present the distant network as something else using 1 to 1 nat - that is the best option.

I do have access to the remote network, but I cannot change IP's there, it's my customers network - not mine.

223
Views
0
Helpful
2
Replies
CreatePlease to create content