Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN between a public network and a private network

Unanswered Question
Sep 18th, 2009
User Badges:

How can I setup a VPN between router1 and router2?

internet --- Router1 ---

internet --- Router2 ---

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Fri, 09/18/2009 - 09:26
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


How does Router1 get out to the Internet? If it does not have any public addresses is there some address translation being done?

If there is translation being done and if the address that Router1 uses getting to the Internet may change then you may need to use a dynamic crypto map on Router2 (and that implies that Router1 may need to initiate the VPN).



tachyon05 Fri, 09/18/2009 - 09:46
User Badges:


Router 1 has a public IP address and is static. Router 1 also does NAT for inside clients, so they can get out on the internet.

Router 2 is actually an ASA, also configured with static public IP address.

normally, for vpn between 2 private networks, on both router1 and ASA, i configure NO NAT for traffic going through the tunnel. However, in this case I assume on router1, i should still NAT traffic going to the public network?

Also, on the ASA, I would NOT NAT any traffic going through the tunnel neither.

Does this seem right?


This Discussion