Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
0
Helpful
1
Replies

Interner through ipsec tunel via central office

david.sua
Level 1
Level 1

‎12-01-2009 04:23 AM - edited ‎02-21-2020 04:24 PM

Hi all,

I would like go to internet via central office through a ipsec tunnel but i can not NAT origin traffic in central office because my ipsec inbound interface is the same of my internet interface.

Remote Office          <--------- IPSEC site to site over Internet -------->      Central Office(CO)

192.168.33.0/24                                                                                192.168.254.0/24

When i try to surf from Remote Office, the packets goes via ipsec and i can view decryption in CO, then CO router route packets via his default route. The default route is via the same interface that inbound ipsec, then, i can not set an ip nat inside in any interface because the packets enter and go out via the same interface.

Somebody can help me?

Thanks in advance.

Labels:
0 Helpful
1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

‎12-05-2009 08:50 PM

Use this link, not exactly L2L VPN, this exmple is for Ipsec RA full tunnel  and access  internet via HUB router,  try  following  the same prinsiple for your l2l tunnel internet through CO using a loopback interface in your CO router as nat inside .. let us know how works out,

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents