I have set up VPN between a hub and two spokes. The tunnels are up and I can ping the public interface and tunnel interface from the hub to the spokes. EIGRP is working internal to each spoke and the hub. However, I can't get EIGRP to cross the VPN. I removed the network statement for the public interface and replace it with the Tunnel Ip address. I can't route because noboby knows how to get anywhere. The hub will have another connection directly to the internet for all www traffic. I haven't tried this as I need to get routing across the VPN first.
You have posted essentially the same question in the Service Provider VPN Service Architecture forum where I have posted an answer. I suggest that any further discussion of this be consolidated in that forum.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...