09-23-2008 08:12 AM - edited 02-21-2020 03:57 PM
Does anyone know if it is possible to use a Cisco 1811 as an EZVPN client
while the router is setup with only one interface? I have a customer that
requested their VPN router to us be setup in their DMZ with no public facing
interface on the 1811 (VPN device). I usually configure our VPN
configurations with an internet facing interface and a DMZ facing interface.
09-25-2008 06:40 AM
This is possible - you would terminate the VPN on the router in the DMZ. Once connected - you have a route map to set the next hop of the inside network from the router for the VPN IP Pool of addresses.
HTH>
09-27-2008 10:11 AM
I don't think it is possible with only one *logical* interface. Router as a EZVPN Client requires two interfaces to do PAT for traffic going to the Internet. So far as I know, this is autoconfigured in both Client and NEM modes and cannot be disabled. However you *can* use 802.1q trunk to create two *logical* interfaces and configure EZVPN Client, or just configure Site-to-Site on a stick.
HTH
09-30-2008 09:25 AM
I was able to accomplish this by using a loopback interface.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: