EZ VPN client in DMZ and a router-on-a-stick

Unanswered Question
Sep 23rd, 2008

Does anyone know if it is possible to use a Cisco 1811 as an EZVPN client

while the router is setup with only one interface? I have a customer that

requested their VPN router to us be setup in their DMZ with no public facing

interface on the 1811 (VPN device). I usually configure our VPN

configurations with an internet facing interface and a DMZ facing interface.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

I don't think it is possible with only one *logical* interface. Router as a EZVPN Client requires two interfaces to do PAT for traffic going to the Internet. So far as I know, this is autoconfigured in both Client and NEM modes and cannot be disabled. However you *can* use 802.1q trunk to create two *logical* interfaces and configure EZVPN Client, or just configure Site-to-Site on a stick.


Alltimed Tue, 09/30/2008 - 09:25

I was able to accomplish this by using a loopback interface.


This Discussion