Interner through ipsec tunel via central office

Unanswered Question
Dec 1st, 2009

Hi all,

I would like go to internet via central office through a ipsec tunnel but i can not NAT origin traffic in central office because my ipsec inbound interface is the same of my internet interface.

Remote Office          <--------- IPSEC site to site over Internet -------->      Central Office(CO)

192.168.33.0/24                                                                                192.168.254.0/24

When i try to surf from Remote Office, the packets goes via ipsec and i can view decryption in CO, then CO router route packets via his default route. The default route is via the same interface that inbound ipsec, then, i can not set an ip nat inside in any interface because the packets enter and go out via the same interface.

Somebody can help me?

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Sat, 12/05/2009 - 20:50

Use this link, not exactly L2L VPN, this exmple is for Ipsec RA full tunnel  and access  internet via HUB router,  try  following  the same prinsiple for your l2l tunnel internet through CO using a loopback interface in your CO router as nat inside .. let us know how works out,

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

Actions

This Discussion