Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 2514 and IPSEC

I have a 2154 handling many to one translations. As fas as I know IPSEC only works with a one to one translation. Are they going to implement a way for IPSEC to flow in the many to one environment or should I look for other solutions. If I had roughly ten addresses, could I reserve a pool of 9 for IPSEC only and i address if they aren't using ipsec. So to say, if my internal users wanted to surf, it would overload the one address. If they wanted to use the vpn they could grab one from the pool to be static. I am fairly new to the scene so any help would be greatly appreciated.

  • Other Network Infrastructure Subjects
4 REPLIES
New Member

Re: Cisco 2514 and IPSEC

As I am so fond of saying, anything can be done if you are willing to live with the complexity. The first question that comes to mind is what are you doing with IPSec that you would need NAT? If you are going between remote offices, then you do not need NAT. I would need more information on what is on the other side of the iPSec tunnel to provide assistance.

New Member

Re: Cisco 2514 and IPSEC

Small business using a cable modem for internet access needs to connect to a larger business via a vpn concentrator cisco 3005. the cable modem provider limits what we can do with the router. I just want the ability for users internal to the cable modem to initiate a vpn connection using cisco vpn software.

internal users-->2514-->cablemodem(internet(internet)UUNet-->vpn concentrator

New Member

Re: Cisco 2514 and IPSEC

ok, what I would do is build an IPSec tunnel from the 2514 to the 3005, I would then have a GRE tunnel from the 2514 to another router at the corporate site. In effect, the GRE tunnel could be treated as a normal wan connection between your remote site and the larger site. You should not need to do nat to get to or from the remote site to the larger site, but would only need NAT for remote site users to access the internet

New Member

Re: Cisco 2514 and IPSEC

That was my initial thought until I found out about some the cable modem provider's guidelines. They won't allow for a permanent IPSEC connection

140
Views
0
Helpful
4
Replies
This widget could not be displayed.