outbound vpn through 1750

Unanswered Question


Make sure on the 1750 (remote vpn site) that there is configuration allowing outbound address translation.

Its not always needed in your scnenario if you do not care for split tunneled internet access.

Of which you simply need to create

ip nat inside source list access-list-name interface actual-interface overload

Make sure your your access-list-name denys source and destination for traffic that should flow over the tunnel. Then permit the require traffic from the host to the internet/3rd party gateway.

That should do it.



This Discussion