Ok here is the setup, I have a current VPN tunnel established to another company using some other type of VPN appliance that is unable to do NAT. They need access to part of our network that overlaps with theirs. "Drawing" that might make no sense to anyone but me follows.
| Remote Company VPN Appliance | -> 10.0.0.0/24
      *VPN TUNNEL*
| Cisco VPN Concentrator | 10.1.0.0/16
| Local Network (10.1.0.0/16) |
      (DS1 To Remote)
| Remote Network (10.0.0.0/16) |
Ok so there is a machine in the remote network with the IP of 10.0.10.24/16 that we need the remote company to get at. Obviously any IP coming from the remote company will be local to "Remote Network", thus I have to NAT it at our VPN Concentrator. Here is what I have done.
1) Set up a Network List for the "Local Network" configuration of the LAN-to-LAN VPN tunnel to include 10.1.0.0/16 and 10.0.10.0/24.
2) Set up a Network List for the "Remote Network" configuration of the LAN-to-LAN tunnel to include 10.0.0.0/24 and 10.200.0.0/24 *see below*.
3) Set up a NAT in the LAN-to-LAN NAT rules to translate the source of 10.0.0.0/24 to 10.200.0.0/24 when the destination network is 10.0.10.24; this was set up as a static (one to one) mapping.
So as of now I can ping an IP address on the Remote Company's side (10.0.0.24/24) from the "Local Network", however in theory (or my theory) I should be able to ping 10.200.0.24 from the Remote Network of 10.0.10.0/24. Did I do something wrong or am I completely off on this?
Thanks in advance. Crawl
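
The addressing in the post above, modelled as an added example (not part of the original post and not Cisco configuration): it lists which of the named networks overlap and applies the static one-to-one mapping from step 3 in both directions. The function names and the prefix-swap behaviour of the static mapping are assumptions of this sketch.

```python
import ipaddress as ip

# Networks named in the post.
LOCAL_NET = ip.ip_network("10.1.0.0/16")
REMOTE_NET = ip.ip_network("10.0.0.0/16")    # reached over the DS1
PARTNER_NET = ip.ip_network("10.0.0.0/24")   # remote company's LAN
NAT_POOL = ip.ip_network("10.200.0.0/24")    # translated range from step 3
NAT_DEST = ip.ip_network("10.0.10.24/32")    # destination in the NAT rule


def overlaps(nets):
    """Return every pair of named networks whose address ranges overlap."""
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


def remap(addr, src_net, dst_net):
    """Static one-to-one mapping: swap the prefix, keep the host bits (assumed)."""
    if src_net.prefixlen != dst_net.prefixlen:
        raise ValueError("static mapping needs equal prefix lengths")
    offset = int(addr) - int(src_net.network_address)
    return ip.ip_address(int(dst_net.network_address) + offset)


def translate_inbound(src, dst):
    """Partner -> us: rewrite the source only when the rule's destination matches."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    if src in PARTNER_NET and dst in NAT_DEST:
        src = remap(src, PARTNER_NET, NAT_POOL)
    return str(src), str(dst)


def translate_return(src, dst):
    """Us -> partner: undo the mapping on the destination of reply traffic."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    if dst in NAT_POOL and src in NAT_DEST:
        dst = remap(dst, NAT_POOL, PARTNER_NET)
    return str(src), str(dst)


if __name__ == "__main__":
    print(overlaps({"local": LOCAL_NET, "remote": REMOTE_NET,
                    "partner": PARTNER_NET, "nat_pool": NAT_POOL}))
    print(translate_inbound("10.0.0.24", "10.0.10.24"))
    print(translate_return("10.0.10.24", "10.200.0.24"))
```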