Double NAT/Twice NAT VPN Setup

Please help with configuration of a Double NAT VPN

Diagram of the VPN Network
Client A has a Site to Site VPN to Client B
Client A will soon have a Vlan in it's network to Client C
Client A and C have the same Subnet, and changing them is non optional. (

I need to reconfigure the VPN so that there is no longer a conflict.

Client A will send traffic to new remote network
Client B will NAT traffic from to and Vica-versa on it's way back to Client A

Client B is running Cisco ASA 8.2
Client A is running a Sonicwall TZ210 (or similar)

I need assistance with configurations for the Cisco ASA... I speculate the Sonicwall will just update the remote network details for IPSec.
Who is Participating?
fgasimzadeConnect With a Mentor Commented:

Here a guide for VPN with overlapping networks. But you would need to configure NAT on the Sonicwall as well
Daniel HelgenbergerCommented:
please have a look on this recent (ongoing) thread:

Exactly the same. The consensus so far is not to use the quite complicated dual FW setup any more but one next gen firewall.

But your question is answerd here:
Jan SpringerCommented:
When connecting two internal networks on the same subnet via a VPN, perform NAT through the VPN tunnel so that the conversation between the two networks is: public network to private network.
QlemoBatchelor and DeveloperCommented:
The SonicWall just needs to NAT to, forcing to the VPN tunnel. The answers come back from, and are translated to again if arriving via the tunnel.
Packets from/to on A/C network will not get translated.

That way, nothing has to be done on the ASA side, only SonicWall needs to perform destination NAT.
Blue Street TechLast KnightsCommented:
Any update on this?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.