Why NAT happens to site-2-site IPsec tunnel?
I configured an IPsec tunnel between site A and Site B. They are pining each other well. Site B has a web server which is open to the public. So it has a stactic NAT configured.
eg. ip nat inside source static tcp 10.10.10.10 80 interface fastethernet0 80
From Site A, http://10.10.10.10/ failed to display the web site.
Then I found nat has happened.
I thought NAT should bypassed when traffic is through the IPsec tunnel. But obviousely it is not.
What can I do to make it both work for external and vpn sites?
Hi Lydia, you can't use that command when you specify an interface rather than an actual global address.
it would have to look like this:
ip nat inside static 10.10.10.10 (some routable outside address) route-map nonat