[VPN] LAN-to-LAN with Overlapping networks and PAT
Siddhartha Jain
losttoy2000 at yahoo.co.uk
Thu Mar 31 13:01:18 EST 2005
Hello,
I am trying to get a LAN-to-LAN IPSec VPN to work.
Site A is 10.250.0.0/16
Site B is 10.0.0.0./8
On Site A, the inside network accesses the internet by
being PAT-ted to a pool of four global IP addresses -
64.aa.bb.cc/29
Site B has NAT-ted the hosts to be connected to over
the VPN with 192.168.40.0/24
Now my question is that how do I configure Site A
router wrt to NAT.
Will it work if I leave the PAT on Site A as it is and
define my interesting traffic as:
access-list 190 permit ip 64.aa.bb.cc 0.0.0.8 host
192.168.40.1
The PAT on site A is defined as:
ip nat pool tcsux 64.aa.bb.c1 64.aa.bb.c4
prefix-length 29
ip nat inside source list 163 pool tcsux overload
On Site B, the interesting traffic would then be
between 192.168.40.0/24 and 64.aa.bb.cc/29
Will this work? Ofcourse, I can punch in the config
and see if it works but unfortunately Site B isn't
under my command so I need to suggest the config to
the Site B admin.
Thanks,
Siddhartha Jain (CISSP)
My Gear: Canon Digital 300D with Canon 18-55mm f/3.5-5.6
: Minolta Maxxum 5 with Tamron 28-200mm f/3.8-5.6 Super LD IF
: Pentax M42 mount Super-Takumar 50mm f/1.4
: Jupiter M42 mount 200mm 21m f4
: Mahindra Bolero GLX
The Bombay Amateur Photographers Club
http://groups.yahoo.com/group/tbapc/
Mahindra & Mahindra Jeepers
http://autos.groups.yahoo.com/group/mmjeeps/
Send instant messages to your online friends http://uk.messenger.yahoo.com
More information about the VPN
mailing list