Question : Cisco ASA How to NAT traffic between two IPSEC tunnels on same ASA

Hi,

We have following problem:

We have two IPSEC tunnels:
Site1 to Site2
Site2 to Site3
We need to NAT traffic from Site1 to Site 3 on Cisco ASA in Site 2

Site1: 10.1.0.0/24
Site2: 10.2.0.0/24
Site3: 10.3.0.0/24

We need to NAT packets incoming from Site1 via tunnel to Site2 using address from Site2 and then send it via tunnel to Site3

We need to use such solution in more complicated scenario of redundant VPNs hubs.This is simplified example.We mainly use ASDM for ASA config but CLI command will be also much apprieciated. We using Cisco ASA firmware 8.2.2.

Attachments:

SchemaDiagram.jpg (33 KB) (File Type Details)

Diagram of the topic

Answer : Cisco ASA How to NAT traffic between two IPSEC tunnels on same ASA

Problem solved

Such configuration is fully possible.

On router in Site 2 traffic from Site1 tto Site3 is NATed.

NAT must be configured on Outside interface with local address pool (Site 2) on Outside (not Inside) interface.

thanks for your support. Case closed.

bgs

Random Solutions

delete orphaned offline files

McAfee Groupshield 7.1 - Whitelisting

importing a date field from oracle into MSSQL

activesync error 0x85010004

Network setup, your opinion

droid not syncing when outlook is closed

Changing src in another page

sendAndLoad onHTTPStatus issue