[c-nsp] IPsec VPN and Static NAT

Samol molasian at gmail.com
Thu Jan 3 23:55:49 EST 2013


Hi All,

I have topology like:

LAN_A----->(RouterA)<------------>(ASA)<-----LAN_B

Our requirements are :

1. IPsec VPN between the two sides
2. LAN_A goes to LAN_B will go thru VPN
3. On ASA, we want to have a Fake IP address(mapped IP eg. 192.168.55.0)
that will map to LAN_B ( Traffic from LAN_A)

I have configured all of that, but when i get VPN worked, and i put Static
NAT on ASA to do the IP mapping, VPN doesn't work anymore. I'm wondering
how ASA process the NAT and VPN interesting traffic. which one will ASA
look first? example, when packet from LAN_B arrives on ASA, will it look at
static NAT and then push that the translated IP address into VPN ? this
confused me :(

Please help!

Regards,
Sam


More information about the cisco-nsp mailing list