I have some static policy-nat issue on a Cisco IOS router (2921). I attach first of all the drawing which include the configuration (only for Site A):
So my issue is that when Server 1 is trying to telnet to 10.141.60.98 for example traffic is natted to 10.10.10.2 (inside global) instead of 10.131.50.88.
As soon as I do: ip nat inside source static 192.168.107.15 10.131.50.88 traffic is natted correctly and the IPsec tunnel comes up. But of course I don't want all the traffic from 192.168.107.15 to be natted to 10.131.50.88, only traffic with IP destination 10.141.60.98 that why I was using static policy-nat.
"As soon as I do: ip nat inside source static 192.168.107.15 10.131.50.88 traffic is natted correctly and the IPsec tunnel comes up."
That is actually wrong! The tunnel will not come up in both case. I can see that traffic initiated by server 1 (192.168.107.15) to destination 10.141.60.98 is natted to 10.131.50.88 from the debug output but that is it! the tunnel won't come up.
That is strange because in the crypto ACL : Crypto_Map_ToSiteB I can see that the ACL is hitted by packets so there is something wrong somewhere!
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.