Link to home
Start Free TrialLog in
Avatar of SchoolPage

asked on

Cisca ASA VPN using an external IP (VPN-NAT?)

Good Morning,

I am attempting to configure my ASA 5510 to connect to a new company (partner) who has a conflict with my internal IP range.  It is the same as one of theirs.

They have asked, and I quote "Partner must present us with a Public IP through the VPN Tunnel"

I have been instructed to configure my VPN tunnel as normal, but instead of exempting it from nat you don’t ... you want it to nat to the public ip.  I do have several public IPs available

So for example, here is how I would normally configure my tunnel:

access-list inside_nat0_outbound extended permit ip
access-list outside_1_cryptomap extended permit ip
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer <outsideIP>
crypto map outside_map 1 set transform-set ESP-3DES-MD5

How can I accomplish what they are asking?  Thank you!

Avatar of Jody Lemoine
Jody Lemoine
Flag of Canada image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of SchoolPage


Thank you!