
Posts

Showing posts from May, 2014

OSPF over IPsec tunnel (ASA ikev1)

Today I would like to set up a VPN tunnel between two ASAs with the capability of sending OSPF packets over the IPsec tunnel. I know there are similar examples available on the Internet, but I would like to check whether any problems come up during the implementation.

          4.4.4.0/24        7.7.7.0/24        5.5.5.0/24
    /----\ .1   .10  -----   .1    .2  -----   .10   .2 /----\
    | R1 |----------| ASA1 |----------| ASA2 |----------| R2 |
    \----/           -----             -----            \----/
                       |<----- VPN ----->|

The basic configuration:

R1:

    !
    hostname r1
    !
    interface GigabitEthernet0/0
     ip address 4.4.4.1 255.255.255.0
     no sh
    !
    router ospf 200
     network 4.4.4.0 0.0.0.255 area 0
    !

R2:

    !
    hostname r2
    !
    interface GigabitEthernet0/0
     ip address 5.5.5.2 255.255.255.0
     no sh
    !
    router ospf 100
     log-adjacency-changes
     network 5.5.5.0 ...

ASA ikev2 VPN s-2-s (PKI) - part three

Today I would like to implement NAT based on the configuration presented in one of my last posts: “ASA ikev2 VPN s-2-s (PKI) - part one”. Assume that the LAN networks have the same addresses on both sides:

        11.11.11.0/24      10.0.0.0/24       11.11.0.0/24
    /----\ .11   .1  -----   .1    .2  -----   .1   .11 /----\
    | R1 |----------| ASA1 |----------| ASA2 |----------| R2 |
    \----/           -----      |.100  -----            \----/
    Loop0                     /----\                    Loop0
    11.11.12.12               | R3 |                    11.11.12.12
    Loop1                     \----/                    Loop1
    11.11.13.13             PKI SERVER                  11.11.13.13

This sometimes happens, for example when two companies merge. For this post only, I simplify the design: instead of the same subnets I have six hosts, where three have the same IPs (represented here as a L...