LAN-to-LAN with Overlapping networks and PAT

Discussion in 'Cisco' started by Siddhartha Jain, Mar 31, 2005.

  1. Hello,

    I am trying to get a LAN-to-LAN IPSec VPN to work.

    Site A is 10.250.0.0/16
    Site B is 10.0.0.0/8

    On Site A, the inside network accesses the internet by being PAT-ted to
    a pool of four global IP addresses - 64.aa.bb.cc/29

    Site B has NAT-ted the hosts to be connected to over the VPN with
    192.168.40.0/24

    Now my question is: how do I configure the Site A router wrt NAT?

    Will it work if I leave the PAT on Site A as it is and define my
    interesting traffic as:
    access-list 190 permit ip 64.aa.bb.cc 0.0.0.8 host 192.168.40.1

    The PAT on site A is defined as:
    ip nat pool tcsux 64.aa.bb.c1 64.aa.bb.c4 prefix-length 29
    ip nat inside source list 163 pool tcsux overload

    On Site B, the interesting traffic would then be between
    192.168.40.0/24 and 64.aa.bb.cc/29

    Will this work? Of course, I can punch in the config and see if it works
    but unfortunately Site B isn't under my command so I need to suggest
    the config to the Site B admin.

    Thanks,

    Siddhartha Jain (CISSP)
     
    Siddhartha Jain, Mar 31, 2005
    #1
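
An added example, not part of the original post: a Python sanity check of the address plan described above, covering overlap between the real and translated ranges and whether the ACL wildcard in access-list 190 describes the /29 pool. The function names are hypothetical, and 203.0.113.8/29 is a constructed stand-in for the redacted 64.aa.bb.cc/29.

```python
import ipaddress

def wildcard_to_network(base, wildcard):
    """Network matched by an ACL 'base wildcard' pair, or None when the
    wildcard is not a contiguous run of low bits (not a single prefix)."""
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):                      # contiguous masks are 2**n - 1
        return None
    return ipaddress.ip_network(f"{base}/{32 - w.bit_length()}", strict=False)

def check_plan(site_a, site_b, a_xlate, b_xlate, acl_src, acl_wildcard):
    """Return a list of findings for a translated LAN-to-LAN address plan."""
    a, b = ipaddress.ip_network(site_a), ipaddress.ip_network(site_b)
    ax, bx = ipaddress.ip_network(a_xlate), ipaddress.ip_network(b_xlate)
    findings = []
    if a.overlaps(b):
        findings.append(f"real ranges {a} and {b} overlap")
    for label, net in (("Site A translated", ax), ("Site B translated", bx)):
        for real in (a, b):
            if net.overlaps(real):
                findings.append(f"{label} range {net} collides with {real}")
    if ax.overlaps(bx):
        findings.append(f"translated ranges {ax} and {bx} overlap")
    matched = wildcard_to_network(acl_src, acl_wildcard)
    if matched is None:
        findings.append(f"wildcard {acl_wildcard} is not a single prefix; "
                        f"{ax} corresponds to wildcard {ax.hostmask}")
    elif matched != ax:
        findings.append(f"ACL source matches {matched}, not {ax}")
    return findings

# Constructed stand-in for the redacted pool 64.aa.bb.cc/29 in the post.
PLAN = dict(site_a="10.250.0.0/16", site_b="10.0.0.0/8",
            a_xlate="203.0.113.8/29", b_xlate="192.168.40.0/24",
            acl_src="203.0.113.8")

if __name__ == "__main__":
    for wc in ("0.0.0.8", "0.0.0.7"):
        print(f"wildcard {wc}:")
        for finding in check_plan(acl_wildcard=wc, **PLAN):
            print("  -", finding)
```
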