Cisco Router VPN Duplicate Lan

RandallVillalobos
RandallVillalobos used Ask the Experts™
on
Experts,

Original setup:
Company A connects to Company B via VPN (configuration below)-- this has been working
Company A uses the router to connect to the internet

Challenge:
Company A needs to connect via VPN to a new office with Duplicate Lan. Unfortunately I am not sure if appling a separate Nat will do the
trick like specified in this article because I need to use the NAT to access the internet.  Any suggestion is appreciated

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800b07ed.shtml


MyCompanyA #sh run   (This is the router where I need to apply the nat to the Duplicate Lan)


crypto isakmp policy 22
 encr 3des
 authentication pre-share
 group 2

crypto isakmp key test123 address 222.25.161.108

crypto ipsec transform-set company esp-3des esp-md5-hmac


crypto map 3desmap 21 ipsec-isakmp
 set peer 222.25.161.108
 set transform-set company
 match address companyacl

ip nat pool Internet 222.25.164.38 222.25.164.38 netmask 255.255.255.252
ip nat inside source list NAT pool Internet overload
ip route 0.0.0.0 0.0.0.0 222.25.164.33


ip access-list extended NAT
 deny   ip 10.168.83.0 0.0.0.255 10.168.70.0 0.0.0.255
 permit ip 10.168.83.0 0.0.0.255 any


ip access-list extended companyacl
 permit ip 10.168.83.0 0.0.0.255 10.168.70.0 0.0.0.255

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hello Experts,

I fixed the issue!!  :-)   I just added a separate nat pool with a new crypto acl  pointing to the new nat pool and it worked.

Thanks!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial