Cisco Systems ASA 5510 and NAT to Site-to-Site

Posted by rossk on May 1, 2008, 12:15 am
I have a site to site VPN set up. Going forward I would like to take
the outside interface IP that is encrypted inside the packet to
another IP. Basically there is a router in front of the ASA and it
gets a number of 192.168.1.5 for example. When the ASA sends the
packet over the VPN tunnel encrypted it of course says the source is
192.168.1.5. I basically want to change that number to represent the
outside IP address. Is this possible? The IP header on the packet
does show the static outside address, just not the encrypted IP header
field.

Posted by News Reader on May 1, 2008, 9:21 am
Your question is not clearly stated.

rossk wrote:
> I have a site to site VPN set up. Going forward I would like to take
> the outside interface IP that is encrypted inside the packet to
> another IP.

Encapsulation is what is being discussed, not encryption.
Outside interface address of which device, the ASA or the router?
You are referring to changing an inner (encapsulated) address here, but
later refer to changing an outer (encapsulating) address.

> Basically there is a router in front of the ASA and it
> gets a number of 192.168.1.5 for example. When the ASA sends the
> packet over the VPN tunnel encrypted it of course says the source is
> 192.168.1.5. I basically want to change that number to represent the

"Of course" because the router uses NAT, or "of course" because the
router is doing the encapsulation rather than the ASA?

This says you want to change an outer (encapsulating) address.

> outside IP address. Is this possible? The IP header on the packet
> does show the static outside address, just not the encrypted IP header
> field.

It would be best if you stated:

* Which device is doing the encapsulation.
* Are you using NAT, and if so, on which device.
* Which ESP Mode is currently being used with your IPSec transform
(Tunnel, Transport).
* Are you using GRE.

Best Regards,
News Reader
