Local NAT through VPN

crn
Conversationalist

Local NAT through VPN

Hello Team,

 

Very new in Meraki World and some beginner difficulties ...

 

I have to do a IPSec VPN Point 2 Point connection with external client for getting some licenses but problem is that my LAN IP range is used also in clients LAN …

 

So they ask me to NAT my LAN (few IP’s) into a specific IP before it goes to VPN Tunnel.

How to NAT Lan ONLY for client destination … cause this LAN Range have to stay the same for my LAN Communications

In Cisco ASA we can manage this with route-maps but don’t know how to on meraki

I’ll appreciate any help

 

thanks in advance

5 Replies 5
Russ_B
Getting noticed

Take a look at this document and see if it helps:

 

Using Site-to-site VPN Translation - Cisco Meraki

 

I haven't run into this issue, but I remembered reading about it.

 

Russ

 

ww
Kind of a big deal
Kind of a big deal

You can only translate using autovpn. Not 3rd party vpn.

 

So the other side has to do it.

Or,if possible you can change that specific lan subnet

crn
Conversationalist

Hi & Thanks !

 

Sorry I didn't specified that I check on internet and didn't found it.

I saw this page, but I do not have the option " VPN on  with translation" 😞 

I have only Enable Disable ... 

MX100 Current version: MX 15.44

 

Is it Hardware limitation or IOS ?

 

(Sorry for awfull screenshot)

 

Thanks a lotfw.png

Ryan_Miles
Meraki Employee
Meraki Employee

Mentioned in the doc link is that you need this enabled by Meraki Support

 

Screen Shot 2021-12-10 at 9.09.48 AM.png

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
crn
Conversationalist

Hi Thanks, I missed that, or didn't understood that way.

 

OK when Meraki Support activates this "option" I'll get the oportunity to NAT my LAN to un specific IP

- This IP doesen't have to existe elsewhere ?

- This option will NAT always my LAN to that IP before going to Tunnel (This will make problems when other LAN would join this network on normal ip range un-natted)

 

How can I do to:

- NAT only and only if destination is beyond other VPN point.

- Don't NAT for others destinations in VPN, all other Lan destination?

 

Something like route maps ? How to manage this ?

 

Little complicated ...

 

Thanks

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels