Tricky NAT over GRE configuration. Could use some advice
I recently received a request to setup a GRE tunnel with a vendor for a POC. I have setup the tunnel on my edge Cisco router and can ping the vendor's server, so the tunnel works. The problem is their node is on a subnet overlaps with ours. So to make it work I figured I'm going to have to do some sort of NAT. Here are the particulars:
172.16.0.0/16 - Users
10.0.0.0/16 - Users
172.16.100.10 - Node
I figure I can NAT 172.16.100.10 to 192.168.100.10 on our edge router and have our users try and connect using the 192.168.100.10 address. So I'm guessing I would have to have this NAT command go against the inside interface so it can NAT the traffic and pass it through the tunnel. Can this work? Would I put my commands on the tunnel interface or the inside interface?
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...