We have a Cisco ASA 5505 Security Appliance. We are trying to setup a Site-to-site VPN with another company. Normally this wouldn't be a problem but the LAN Subnet that we are using conflicts with another one of their VPN's so we have to translate our server's IP address to a different address before sending it over the VPN. I have tried setting up a static policy NAT to do the trick but the VPN is not coming up. Here is the info:
Our ASA's LAN IP: 192.168.0.1
Our Server they need to access: 192.168.0.11
The IP they want us to translate to: 172.16.66.33
The IP address of their server: 10.50.106.41
We don't have a problem connecting to their subnet but they cannot connect to our 192.168.0.0/24 subnet because it overlaps with another one of their clients. So we just need to translate 192.168.0.11 to 172.16.66.33 on our side of the VPN.
I hope that makes sense. Can someone provide a working example? We can use the CLI or ADSM.
I was able to get a Cisco engineer on the phone. The solution is to create a static policy NAT like this:
access-list policy_nat extended permit ip host 192.168.0.11 host 10.50.106.41
For many of us, the holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're interested in additional methods for monitoring bandwidt…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’
As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…