Hi all,
we'r building a VPN L2L tunnel to a customer of ours (ASA5510). Internally we use the 192.168.0.0/16 range, but this range is not acceptable for the customer (already in use) so they want us to tranlsate this to another range and have assigned us the 10.212.26.0/24 range.
This is what I would like my firewall setup to look like:
But I get this errer when entering the static rule:
global address overlaps with mask
Is there a way to fit our /16 network into the designated /8 network or should I just live with the fact that only a part of our network will be able to tunnel through?
Thanks!
we'r building a VPN L2L tunnel to a customer of ours (ASA5510). Internally we use the 192.168.0.0/16 range, but this range is not acceptable for the customer (already in use) so they want us to tranlsate this to another range and have assigned us the 10.212.26.0/24 range.
This is what I would like my firewall setup to look like:
Code:
access-list nonatCUST extended permit ip 192.168.0.0 255.255.0.0 IP_RANGE_CUST 255.255.255.0
access-list crypto_CUST extended permit ip 10.212.26.0 255.255.255.0 IP_RANGE_CUST 255.255.255.0
static (inside,outside) 10.212.26.0 access-list nonatCUSTBut I get this errer when entering the static rule:
global address overlaps with mask
Is there a way to fit our /16 network into the designated /8 network or should I just live with the fact that only a part of our network will be able to tunnel through?
Thanks!
