Need to create a VPN to a Fake Network

Posted on 2013-06-22
Last Modified: 2013-06-25
I have a Cisco ASA 5520 and I need to establish a VPN to a 3rd party.  Our subnets overlap, so I need to have the VPN come into a fake network that I will NAT all the other networks through to get to them.
Inside network: 192.168.1.0/24
Remote network: 192.168.10.0/24
So I need to create a fake network on my side, i.e. 192.168.50.0/24, that the VPN will list in the tunnel.  Then I need to NAT all my internal traffic through to that fake network, so it will go over the VPN.   How do I set that up?
0
Question by:digital0g1c
5 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 39268418
Why aren't you just using the public IPs through the tunnel?

That way, your inside IPs NAT first and then get encrypted through the VPN.
0
 
LVL 1

Author Comment

by:digital0g1c
ID: 39268428
How would you make that work?
0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 2000 total points
ID: 39268438
Two steps:

1) Don't create a NAT exemption between the inside networks.

2) Specify your public subnet to their private subnet (the encryption domain) in the VPN peer access-list.  Let your peer know to use your public IPs at their end since the encryption domains need to be an inverse match.
0
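The two steps above, sketched as ASA configuration. This is an added example, not part of the original answer: it assumes ASA 8.3 or later NAT syntax, and the object, ACL and crypto map names, the 203.0.113.0/29 public subnet and the host addresses in the check are constructed placeholders.

```cisco
! Added example. Assumes ASA 8.3+ NAT syntax.
! 203.0.113.0/29 is a documentation range standing in for your public subnet;
! INSIDE-NET, VPN-3RDPARTY and OUTSIDE-MAP are constructed names.

! Step 1: ordinary dynamic PAT for the inside network, with NO exemption.
! An identity (twice NAT) rule of the form
!   nat (inside,outside) source static INSIDE-NET INSIDE-NET destination static <remote> <remote>
! must not exist for this peer, otherwise packets reach the crypto check
! still carrying 192.168.1.x source addresses.
object network INSIDE-NET
 subnet 192.168.1.0 255.255.255.0
 nat (inside,outside) dynamic 203.0.113.2

! Step 2: the crypto ACL (encryption domain) is written against the
! post-NAT source, i.e. the public subnet, to the peer's private subnet.
access-list VPN-3RDPARTY extended permit ip 203.0.113.0 255.255.255.248 192.168.10.0 255.255.255.0
crypto map OUTSIDE-MAP 10 match address VPN-3RDPARTY

! The peer configures the inverse match on its side:
!   permit ip 192.168.10.0 255.255.255.0 203.0.113.0 255.255.255.248
! The peer address, transform set and tunnel-group are configured as for
! any other site-to-site tunnel and are omitted here.

! Caveat: with dynamic PAT only inside-initiated sessions work. If the
! 3rd party must open connections to one of your hosts, that host needs a
! static translation to an address inside 203.0.113.0/29.

! Check from the ASA: the trace should show the source translated to
! 203.0.113.2 and then a VPN phase for the flow (192.168.1.10 and
! 192.168.10.10 are constructed test hosts).
packet-tracer input inside tcp 192.168.1.10 1025 192.168.10.10 443
show crypto ipsec sa
```

In `show crypto ipsec sa`, the local ident should list 203.0.113.0/255.255.255.248 and the remote ident 192.168.10.0/255.255.255.0; a 192.168.1.0 local ident means an exemption rule is still matching.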
 
LVL 1

Author Comment

by:digital0g1c
ID: 39268448
That makes perfect sense.  Tunnel vision!  No pun intended...   Thanks!
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39274820
BTW, you could use the internal IPs and do NAT exemption as well, but it requires that you tell the other side to use a fake network as well.  It's considered a policy NAT or twice NAT type of configuration.  It's ugly but it works and is sadly more common than you might think for the exact problem you're facing.

Cisco Doc Example:  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml
0

Question has a verified solution.
