Cisco Support Community

New Member

Not all traffic passing with VPN

We have several Cisco routers in a hub/spoke setup (831s as spokes to a 1721 hub) with successfully established tunnels.

NAT translations are working (RDP from Internet to public IP translates OK and allows connection) with no issue.

All traffic is passing within the VPN with no problem, except where we have static NAT translations to an internal host.

Example:

RDP to a non-NAT translated host (LAN A private IP to hub LAN private IP) works well. (Indicates no problem with site-to-site VPN ACL)

In the case where the hub router NATs a public IP in a translation to a private IP on its LAN, the remote site can only access the host via the public IP, not the private IP.

What is needed to pass traffic between VPN LANs where the end-point host is also statically NAT-ed?

2 REPLIES
Cisco Employee

Re: Not all traffic passing with VPN

Peter,

Have you configured NAT to be bypassed for the VPN traffic?

Please refer to the section "What about the static NAT though, why can I not get to that address over the IPsec tunnel?" in the below URL.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

Regards,

Arul

** Please rate all helpful posts **
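
As an added illustration (not part of the original thread and not taken from the linked Cisco document), this is one way to exempt VPN traffic from a static translation on the hub, assuming an IOS release that accepts a route-map on static NAT. On outbound traffic NAT runs before the crypto ACL is checked, so replies from a statically translated host leave with the public source address and no longer match the tunnel's ACL. All addresses, ACL numbers and route-map names below are constructed placeholders.

```cisco
! Constructed example values (assumptions, not from the thread):
!   10.1.1.0/24  hub LAN          10.2.2.0/24  spoke LAN
!   10.1.1.5     internal host    192.0.2.5    its public address
!
! Before: unconditional static NAT. Replies from 10.1.1.5 to the spoke LAN
! are translated to 192.0.2.5 first, so they miss the crypto ACL and never
! enter the tunnel.
! ip nat inside source static 10.1.1.5 192.0.2.5
!
! After: translate the host only when the destination is NOT the spoke LAN.
no ip nat inside source static 10.1.1.5 192.0.2.5
access-list 120 deny   ip host 10.1.1.5 10.2.2.0 0.0.0.255
access-list 120 permit ip host 10.1.1.5 any
route-map STATIC-NONAT permit 10
 match ip address 120
ip nat inside source static 10.1.1.5 192.0.2.5 route-map STATIC-NONAT
!
! The crypto ACL keeps matching the untranslated private addresses.
access-list 130 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
```

Add one `deny` line to access-list 120 per spoke LAN. Inbound connections from the Internet to 192.0.2.5 still translate because their replies match the `permit` line.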

New Member

Re: Not all traffic passing with VPN

Yes.

If you refer to my original message RDP will pass over the VPN in the case where we do not have an external (public) IP address translation in place: 'RDP to a non-NAT translated host (LAN A private IP to hub LAN private IP) works well.'
