with ezvpn remote, you designate an inside ezvpn interface and outside ezvpn interface. When the tunnel is created, a loopback is enabled with ip add from 3000 LAN side. How do i set up routing for this type of setup? In other words, how do i route the packets to use the ip add of the loopback in order for the packets to be tunneled across the ezvpn? Also, If I have NAT, does that take place before or after encryption? How does that affect the ezvpn?
3000 LAN IP Addresses
192.168.1.0 - 192.168.1.255
vlan 1 interface
ip add 10.10.10.1 255.255.255.0
ip nat inside
ip nat outside
After tunnel is created with 3000, a loopback is enabled with one of the ip addresses given from the 3000.
ip add 192.168.1.7 255.255.255.0
Packets from the loopback get sent across the tunnel just fine. Packets from inside ezvpn interface dont go over the tunnel. I believe this is because their addresses are in a different range than the ip add give to the loopback interface so its some sort of routing issue.
so, how do i make the packets fron the ezvpn inside interface get translated into the ip add on the loopback interface (192.168.1.*) in order to go over the tunnel?
I've read the ezvpn documents. they dont really explain the correct details. If ezvpn automatically tunnels traffic from the ezvpn internal to the external, then how are the packets transported across the tunnel? Are they translated into the 192.168.1.1 and transported across the tunnel or are they transported across the tunnel unchanged? If they are transported across the tunnel untranslated, then that would explain why pings dont work from the ezvpn internal interface.