Cisca ASA VPN using an external IP (VPN-NAT?)
Posted on 2010-09-03
I am attempting to configure my ASA 5510 to connect to a new company (partner) who has a conflict with my internal IP range. It is the same as one of theirs.
They have asked, and I quote "Partner must present us with a Public IP through the VPN Tunnel"
I have been instructed to configure my VPN tunnel as normal, but instead of exempting it from nat you don’t ... you want it to nat to the public ip. I do have several public IPs available
So for example, here is how I would normally configure my tunnel:
access-list inside_nat0_outbound extended permit ip 10.229.147.0 255.255.255.0 10.209.82.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip 10.229.147.0 255.255.255.0 10.209.82.0 255.255.255.0
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer <outsideIP>
crypto map outside_map 1 set transform-set ESP-3DES-MD5
How can I accomplish what they are asking? Thank you!