VPN to IOS router behind 1 to 1 NAT

Unanswered Question

I have a unreliable VPN tunnel I am trying to diagnose. I have a Cisco 1801 ISR at a customer site that has a private IP address assigned to it's outside interface. The other end of that connection is I am told a DMZ on a watchguard (not my device) and I have been given a 1 to 1 NAT from a public address to my inside address.

I have the VPN tunnel established, but it is unreliable. At what seems to be random intervals the VPN will drop and I cannot re-establish the tunnel until I restart the Cisco 1811 router. The tunnel is terminating on a pair of PIX 525s at our datacenter. I have about a dozen 1801/1811 routers in the field and this is the only one causing problems.

Do I need to do anything special for a device that is behind a NATed interface?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion