Skip navigation
Login   |   Register
Cisco Learning Home > Certifications > Security (CCNP Security) > Discussions


14020 Views 2 Replies Latest reply: Mar 28, 2012 3:50 AM by Jeron RSS

Currently Being Moderated

Cisco ASA Site to Site IPSEC VPN and NAT question

Mar 27, 2012 11:20 AM

Jeron 2 posts since
Nov 2, 2009

Hi Folks,




I have a question regarding both Site to Site IPSEC VPN and NAT. Basically what I want to achieve is to do the following:




ASA2 is at HQ and ASA1 is a remote site. I have no problem setting up a static static Site to Site IPSEC VPN between sites. Hosts residing at are able to communicate with hosts at, but what i want is to setup NAT with IPSEC VPN so that host at will communicate with hosts at with translated addresses




Just an example:


Host N2 ( will communicate with host N1 with destination lets say not (Notice the last octet should be the same in this case .5)

The same translation for the rest of the communication (Host N2 pings host N3 destination ip not again last octet is the same)

It sounds a bit confusing for me but i have seen this type of setup before when I worked for managed service provider where we had connection to our clients (Site to Site Ipsec VPN with NAT, not sure how it was setup)

Basically we were communicating with client hosts over site to site VPN but their real addresses were hidden and we were using translated address as mentioned above instead of (real), last octet should be the same.


Appreciate if someone can shed some light on it.



More Like This

  • Retrieving data ...

Bookmarked By (0)