VPN, NAT and serial link

Unanswered Question
Apr 16th, 2007

I am trying to come up with a decent config for a client. Below is the network layout.

Cisco 2610 at ISP, E0/0 to the ISP, S0/0 to the client.

Cisco 1601 at client, E0 to LAN, S0 to ISP over a 64k (upgrading to 128k) lease line.

The 2610 provides NAT to the client's users. I want to terminate the 1 or 2 VPNs users while travelling to the 2610.

2610

E0/0 Public IP

S0/0 192.168.5.1

1601

E0 192.168.1.1

S0 192.168.5.2

What is the best way to enable bridging on the 1601 so that VPN users can use a local IP pool on the 2610 and see the internal MS AD network?

I had thought about using a loopback address of 192.168.1.2 on the 1601 and move the 192.168.1.1 to the S0/0 on the 2610. I am 8000 miles away from the client so I have to be very careful about any changes.

Any suggestions?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paarlberg Tue, 04/17/2007 - 03:14

Thanks,

I do have NAT and VPN working at another location, however this one requires that I either NAT or bridge at 1 of the ends to make the solution work properly.

f.reichmann Wed, 04/18/2007 - 01:40

On the "8000 miles away from client" bit: You may safe the last working configuration into NVRAM (startup-config), make sure its read at startup (check configuration register) and then schedule a reload before changes, such as

"reload in 10"

Choose not to safe the config. Now you have 10 minutes to do your changes. If you shot yourself out of the box it will reload after 10 minutes. If your changes were successfull and you are confident with it, do a

"reload cancel"

Fritz

Actions

This Discussion