Setting up NAT or PAT on VPN 3005

I have a LAN to LAN tunnel that I am setting up.
My site A has local host ( 10.1.1.100/32 - 10.1.1.88/32 - 192.168.10.12/32 ) in the NETWORK LIST.
My site B has local host ( 192.168.2.131/32 ) in the NETWORK LIST.

I want to hide site A's local host from site B's local host using NAT or PAT.
what should I do on Site A VPN 3005 concentrator to set this up.
I am not really familiar with the setup that is on the VPN 3005 so please give me a step by step.
LVL 2
learn2earnAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

batry_boyCommented:
For this example, I will use the following NAT settings:

Site A IP's
-------------
10.1.1.100 will be translated to 192.168.50.1
10.1.1.88 will be translated to 192.168.50.2
192.168.10.12 will be translated to 192.168.50.3

First, you'll need to setup your LAN-to-LAN NAT rules.  From the VPN Concentrator management GUI, go to "Configuration - Policy Management - Traffic Management - NAT - LAN-to-LAN Rules" and then click the "Add" button.  For the first IP address (10.1.1.100), fill out the screen as shown below and click the "Add" button when complete:

Repeat this process for the other 2 IP addresses, substituting the appropriate IP addresses for each, but always specify 192.168.2.131 for the remote network and 0.0.0.0 for the remote network wildcard mask.

Next, you will need to make sure that you're LAN-to-LAN tunnel definition has the TRANSLATED address for the local network setting.  The translated address would be the 192.168.50.1, 192.168.50.2 and 192.168.50.3 in this example.  You will need to create a network list to use to specify these three IP addresses for the local network.  To do this, go to "Configuration - Policy Management - Traffic Management - Network Lists" and click "Add".  Type in a List Name, and fill out the screen as shown in the second screenshot below.

Finally, go into your LAN-to-LAN rule ("Configuration - Tunneling and Security - IPSEC - LAN-to-LAN") by selecting the rule and clicking "Modify".  At the bottom of the next screen, change the Local Network and Remote Network settings so that they look like the 3rd screenshot below.  Click "Apply" and that should be it.
vpn1.png
vpn2.png
vpn3.png
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.