Hi, I suggest you to ask your client to do NAT for both traffic incoming and traffic outgoing as client has PIX at his side. PIX has this intelligence (bi-directional translation) to solve such private network overlapping issue behind the VPN gateway.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml Thank you, Ramesh On Wed, Dec 8, 2010 at 6:10 AM, Fourpros it <[email protected]> wrote: > Dear Experts! > > I have a need to configure L2L vpn to different clients. I have built the > vpns under a single crypto map, but an issue has come up. > > One of my Client requires me to NAT my inside network to my public address > as he also had NAT his inside network to his public address. > > How do I accomplish this? I basically need to NAT my inside 10.10.x.x > network for Client to 193.32.x.x. My Client his inside network 172.10.x.x > network for me to 173.32.x.x . In my side i have a Cisco IOS router and on > my client side they have Cisco PIX. > My Tunnel is up but can't get reach to my inside network and same on remote > side. My ipsec log shows " sh crypto ipsec sa peer 173.32.x.x" packet > encrypted and decrypted. > > I assume my NAT and ACL is working well, still not being able for tunnel > traffic reachable either side. is there anyway to make this scenario to my > customer? > So i request if any one can provide me any suggest and support. It will be > the great help. > > Thank You > FourPros > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
