I have the setup below, where IPVPN_A is an existing network and IPVPN_B will be a new network. Looking at exising configuration for IPVPN_A, there's no NAT configured on ABC and XYZ firewalls, just routing. For example, from ABC I route to XYZ via 172.21.0.254.
When IPVPN_B is added in, routes between ABC and XYZ has been set to go via IPVPN_B as primary and via IPVPN_A as backup. Still the same, no NAT was configured on both side, but I can't reach XYZ from ABC. When I configured Static NAT at ABC, I can reach XYZ WAN IP (10.20.84.2) only, not the LAN IP. When performed traceroute from ABC to 10.20.84.2 (WAN) and 172.22.2.2 (LAN), can see the first 3 hops are the same, but at hop 4 it is going to different hops. Hence, can I conclude that for IPVPN_B, ABC and XYZ LAN IPs are not within their routing table?
Not sure what/how is the IPVPN_A and IPVPN_B configuration, but if normal Service Providers won't be advertising client's LAN, right? But when I traceroute from ABC to XYZ using IPVPN_A, I can see within their internal network is a Public IP.
So, I'd like to know what are the options I have to have a valid connectivity between ABC and XYZ via IPVPN_B. 1) Any method of doing NAT on both ABC and XYZ? 2) Or create site-to-site VPN between ABC and XYZ will be easier?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :