VPN, NAT and serial link

Unanswered Question
Apr 16th, 2007
User Badges:

I am trying to come up with a decent config for a client. Below is the network layout.

Cisco 2610 at ISP, E0/0 to the ISP, S0/0 to the client.

Cisco 1601 at client, E0 to LAN, S0 to ISP over a 64k (upgrading to 128k) lease line.

The 2610 provides NAT to the client's users. I want to terminate the 1 or 2 VPNs users while travelling to the 2610.


E0/0 Public IP





What is the best way to enable bridging on the 1601 so that VPN users can use a local IP pool on the 2610 and see the internal MS AD network?

I had thought about using a loopback address of on the 1601 and move the to the S0/0 on the 2610. I am 8000 miles away from the client so I have to be very careful about any changes.

Any suggestions?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
paarlberg Tue, 04/17/2007 - 03:14
User Badges:


I do have NAT and VPN working at another location, however this one requires that I either NAT or bridge at 1 of the ends to make the solution work properly.

f.reichmann Wed, 04/18/2007 - 01:40
User Badges:

On the "8000 miles away from client" bit: You may safe the last working configuration into NVRAM (startup-config), make sure its read at startup (check configuration register) and then schedule a reload before changes, such as

"reload in 10"

Choose not to safe the config. Now you have 10 minutes to do your changes. If you shot yourself out of the box it will reload after 10 minutes. If your changes were successfull and you are confident with it, do a

"reload cancel"



This Discussion