How to enable remote workers to use main office internet connection

Answered Question
Jul 31st, 2007

Hi all,

i just configured our new 1802 as our internet firewall and easy VPN Server and everthing works well. The only Problem is, that connected VPN Clients cannot access the internet. It is a companys policy, that every traffic from the remote users should be encrypted and send to the central side, so split tunneling isn?t an option.

I added the SDM_Pool IPs of the Remote Workers to the NAT ACL and for some reasons the ACL is used by some packets that my "IBM Sametime" generates, and this traffic can be seen in ip nat translation. But the destination in this packets is a local ip network (172.16.17.x) so that should bei a packet that is not NATed.

My question is, what happens to encrypted packets after they are decrypted in the esayVPN Server (what are the dest an source ip ) and how can i configure the router to NAT the packets to the external IFs-IP, because it isn?t incoming traffic on the internal if, which is configured as ip nat inside.

Thanks for any suggestions.

Matthias

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
m.thom Tue, 07/31/2007 - 12:04

Sometimes it helps to search just for the right keywords... Everything is documented on cisco.com but only the experts know where to find it :-)

THX a lot for this very quick solution

Matthias

Actions

This Discussion