Question : Cisco ASA SIte to Site NAT Options.

Hello, I need to configure a site-site tunnel for a third party which has a source network that already exists as a routable destination within our organisation. Access will be from remote site client to internal server.

I have a private /24 network range reserved for NAT - not in use yet.

So i can see 2 options immediately and would appreciate your advise..

Op1. a) Have remote site source NAT to an address with my NAT range.
b) Route my NAT range to Outside interface
c) Configure VPN to protect remote network as being the allocated NAT range address

Op2. a) Keep remote site addresses as original
b) Configure VPN to protect original source and destination addresses
c) After packet has been decrypted then NAT to an assigned address from my NAT range

Option1 looks like the easiest method to me, but I would like to understand option2 in the event that the third party involved isn't able to complete the source NAT.

What NAT strategy would be best in case of option2, how would this be configured ?

Regards, Adrian..

Answer : Cisco ASA SIte to Site NAT Options.

I believe you'd set up a static NAT translation, with the original interface set to "outside" and the translated interface set to "inside". The "source" address should be set to the customer's subnet, and the translated address should be set to the subnet you want to use.

Random Solutions

Auto- Numbers in oracle

set default font for word and emails via gpo server 2008r2

Error - Invalid Use of Group Function

Juniper Netscreen Remote VPN gettting errors 10049 when attempting to connect

dont want repeats

trigonometry equation

Center aligned backround image that extends with div

where to buy the correct aspect ratio

Can't Update Outlook Appointments