Question : Cisco ASA SIte to Site NAT Options.

Hello, I need to configure a site-site tunnel for a third party which has a source network that already exists as a routable destination within our organisation. Access will be from remote site client to internal server.

I have a private /24 network range reserved for NAT - not in use yet.

So i can see 2 options immediately and would appreciate your advise..

Op1. a) Have remote site source NAT to an address with my NAT range.
b) Route my NAT range to Outside interface
c) Configure VPN to protect remote network as being the allocated NAT range address

Op2. a) Keep remote site addresses as original
b) Configure VPN to protect original source and destination addresses
c) After packet has been decrypted then NAT to an assigned address from my NAT range

Option1 looks like the easiest method to me, but I would like to understand option2 in the event that the third party involved isn't able to complete the source NAT.

What NAT strategy would be best in case of option2, how would this be configured ?

Regards, Adrian..

Answer : Cisco ASA SIte to Site NAT Options.

I believe you'd set up a static NAT translation, with the original interface set to "outside" and the translated interface set to "inside". The "source" address should be set to the customer's subnet, and the translated address should be set to the subnet you want to use.

Random Solutions

Don't Delete the SheetTab just Rename it.

Help adding minutes to time value

Cisco Wireless Access Point - Guest & Internal SSIDs

User.Identity.Name s not stored in table - Store Procedure

Drupal site not showing at all, yet no errors.

SharePoint list template '1101' is not installed in this farm

Set My Site to be Viewed in IE7 Compatibility Mode

query to find days over 30 since event