is it possible to setup site-to-site vpn with NAT on one side?

I'm just curios? They have their remote devices configured for a pool of public IP's. Is a site-to-site VPN possible when one side is using a nat pool to get out? They need access to one of our servers we really don't need access to anything they have. They don't want me creating an access list to their private IP. They want to use the dynamic NAT translated address

Find more posts tagged with

Comments

Ahriakin

Yup, shouldn't be a problem.

mrblackmamba343

so I suppose I create an access list permitting our private ip to their public ip pools for the crypto map?
And on their end they create an access list permitting their public ip pool to our private network?

mrblackmamba343

tested this on my home lab and it seems to be working. Hopefully it works when I deploy it in the real world

Ahriakin

A VPN doesn't care if the traffic is public or privately addressed, they're all just packets to be encapsulated.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of