Cisco ASA Site to Site - same subnet on both sides

Hi Everyone,
I am building a site to site with a customer who has my same internal subnet. My local subnet is 192.168.10.0/24 and so is his. I would like to nat my Internal subnet to something like 172.16.1.10.
In other words, I want to nat my internal network (192.168.10.0) to 172.16.1.10 and present this adress to the remote network.

I rather make the changes using the ASDM. Please let me know if you need more information.

Thank you,
hectorruizAsked:
Who is Participating?
 
MikeKaneConnect With a Mentor Commented:
This can be done and cisco has a HOW TO right here:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml

Follow that example and you'll be good to go.
0
 
alienXenoConnect With a Mentor Commented:

You just need to use Policy-NAT on both ends (since you're using cisco firewalls on both ends this is no problem at all).
Basically you translate the LANs on both ends to a different subnet so that there's no overlapping problem and the interesting traffic is between the NATed subnets.

Let's assume this example:

Site A:
10.1.1.0/24 --> NAT to 192.168.1.0/24

Site B:
10.1.1.0/24 --> NAT to 192.168.2.0/24


https://supportforums.cisco.com/message/3241751
https://supportforums.cisco.com/message/3018989

On Site A:
access-list nat permit ip 10.1.1.0 255.255.255.0 192.168.2.0 255.255.255.0
static (inside,outside) 192.168.1.0 access-list nat
access-list vpn permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0

On Site B:
access-list nat permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0
static (inside,outside) 192.168.2.0 access-list nat
access-list vpn permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0


0
 
QlemoDeveloperCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
All Courses

From novice to tech pro — start learning today.