greentriangle
asked on
Cisco ASA site to site VPN with public IP address configured as local subnet
Hi. Got a cisco ASA 5505 that we need to set up a VPN to another site (SITE2). The issue is that Site2 already has a VPN to another site that has the same subnet as ours. We have been advised that SITE2 will allow our external IP address through the VPN tunnel instead of our local subnet. We need to NAT out local clients pcs (172.16.1.x) to our external IP address.
What commands will we need to do this? Running v9.2
Thanks,
What commands will we need to do this? Running v9.2
Thanks,
This is very common, I get this all the time, so much that I wrote it up :)
Cisco ASA: VPNs With Overlapping Subnets
Pete
Cisco ASA: VPNs With Overlapping Subnets
Pete
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Open in new window
but for it does make sense if you do this way. as for any site-to-site VPN, you do need a set of internal IPs behind a public IP (the VPN gateway). except you have an additional public IP as the VPN gateway (not in the subnet for above mapped public IPs), it won't work like site-to-site VPN.
does it help?