Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
258
Views
0
Helpful
1
Replies

IPsec tunnel along with natting on the router

Kesar123456
Level 1
Level 1

‎05-23-2016 06:49 PM - edited ‎03-03-2019 08:14 AM

I want configure natting along with IPsec tunnel on the router.

We have only 1 internet circuit terminating on this router.

Labels:
0 Helpful
1 Reply 1

Tim Y
Level 1
Level 1

‎05-23-2016 09:24 PM

Hi,

There is a lot of information out there on how to do this. Cisco's own documentation is really good, however, here are a couple guides with examples you can look at:

NAT: http://www.internetworkingcareer.com/ccna/configure-nat-cisco-router/

IPSEC tunnel: http://www.internetworkingcareer.com/vpn/configure-site-site-vpn-tunnel/ 

The configurations of both don't conflict with each other except for the access-lists that define "interesting traffic" (when NAT applies, or when the tunnel applies).

Order of operations will take care of things, but to be absolutely certain, in the NAT ACL, deny the traffic that is to use the IPSEC tunnel. Using the examples in the guides, it would look like this:

ip access-list extended NAT_TRAFFIC
deny ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any

And vice versa on the other side.

Regards,

Tim

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents