
establishing a VPN connection through a NAT

ssheikh2000
Level 1

here's a basic network diagram:

*internet* ---- [cisco 831] ---- [pix 501] ---- *internal network*

i want the ability to connect to my network when i'm away from home. i configured the pix and tested it; i can establish a secure tunnel.

unfortunately, i don't know how to forward all ipsec traffic from the internet, through the 831, and to the pix.

can someone help out with the port forwarding commands and the inbound access list, if i need one of those too?

2 Replies

andrew.prince
Level 10

You need a static IP address on the Router or PIX.

Then you need to forward the relevant Protocols & TCP/UDP "Thru" the router to the PIX.

Protocol 50

UDP 500

UDP 4500

Enable NAT-T on the PIX to allow UDP/TCP encapsulation of IPSEC traffic. This will enable you to use networks that do not allow IPSEC traffic across them.

HTH

In addition to what Andrew posted, I believe you will also need to allow IP protocol 51 (Authentication Header) through your 831.
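
The forwarding described in the replies above, written out as configuration. This is an added example, not part of the original thread. It assumes the 831's Ethernet1 faces the Internet with the constructed static address 203.0.113.10, Ethernet0 faces the PIX, the PIX outside address is 192.168.1.2 (constructed), and ACL 101 is a hypothetical name for an inbound ACL already applied on Ethernet1.

```cisco
! ---------- Cisco 831 (IOS) ----------
! Interface roles and all addresses below are assumptions for illustration.
interface Ethernet0
 ip nat inside
!
interface Ethernet1
 ip nat outside
!
! Forward IKE (UDP 500) and NAT-T (UDP 4500) arriving on the public
! interface to the PIX outside address.
ip nat inside source static udp 192.168.1.2 500 interface Ethernet1 500
ip nat inside source static udp 192.168.1.2 4500 interface Ethernet1 4500
!
! ESP (IP protocol 50) has no ports, so it needs its own static entry.
! Available on IOS releases that support static ESP translation.
! With NAT-T negotiated, ESP travels inside UDP 4500 and this entry
! is only used when NAT-T is not in effect.
ip nat inside source static esp 192.168.1.2 interface Ethernet1
!
! Only needed if an inbound ACL is already applied on Ethernet1.
! These lines are additions to that ACL, not a complete ACL: applying
! them alone would drop return traffic for everything else.
! The inbound ACL is checked before NAT, so the destination is the
! router's public address, not the PIX address.
access-list 101 permit udp any host 203.0.113.10 eq 500
access-list 101 permit udp any host 203.0.113.10 eq 4500
access-list 101 permit esp any host 203.0.113.10
!
! ---------- PIX 501 (PIX OS 6.3) ----------
! Enable NAT traversal; 20 is the keepalive interval in seconds.
isakmp nat-traversal 20
```

After a client connects, `show ip nat translations` on the 831 should list the UDP 500 and 4500 entries, and `show crypto isakmp sa` on the PIX should show the peer.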
