I have the following document about building a LAN2LAN VPN including NAT.
There?s no problem doing this with the concentrator. Now I have to configure it on IOS Router, and therefor I can?t find any Information. I have to NAT my private network to one official IP which have to be tunneled as my local LAN.
Do anyone have a documentation about this szenario? I can?t find any on the CCO.
Thanks for support
The concentrators are very friendly units (IMHO) for doing VPN's and VPN's with NAT.
You build an acl to defined the traffic over the vpn (110) based on being nat'd
You then create an acl to define whats NAT'd (111) and create a NAT statement accordingly
Below is a sample configuration.
crypto isakmp policy 10
crypto isakmp key vpnsrock!! address x.x.x.x
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map VPN 10 ipsec-isakmp
set peer x.x.x.x
set transform-set ESP-3DES-SHA
match address 110
ip nat outside
crypto map VPN
ip nat inside
ip nat inside source list 111 interface fa0 overload
ip route 0.0.0.0 0.0.0.0 y.y.y.y
access-list 110 permit ip fa0-ip wildcard-mask remote-network wildcard-mask
access-list 111 permit ip local-network wildcard-mask remote-network wildcard-mask