I'm having trouble deploying a LAN-to-LAN VPN/IPSec tunnel between a VPN3005 (v4.7) and a CS1721 IOS router (v 12.3.7). I believe it is a design thing. Both VPN3005 and the CS1721 have several LANs on their local network. What i want to do is for a particular IP network, from the CS1721 side, access Internet trough the VPN30005 (headquarters).
How are the LANs defined both on the VPN3005 and on the CS1721 (see example)?
LAN1 - 10.10.10.0/24
LAN2 - 10.10.20.0/24
PUBLIC IP - 18.104.22.168/30 - example
GW - 22.214.171.124 (Local Internet router)
LAN1 - 10.100.10.0/24
LAN2 - 10.100.20.0/24
LAN3 - 192.168.10.0/24
I want that both LAN1 and LAN2 from CS1721 access Internet locally an LAN3 access Internet trough the VPN/IPsec tunnel.
Re: IPSec LAN-to-LAN (VPN3005 to IOS) Troubleshooting
Document provides an explanation of common debug commands that are used to troubleshoot IPsec issues on both the Cisco IOS. Software and PIX. It is assumed that an attempt to configure IPsec is completed. Refer to Common IPsec Error Messages and Common IPSec Issues for more details
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...