Re: PIX / IOS to CVPN client 3.5.2B(behind NAT)

tkpsimon · ‎07-03-2002

HI everybody,

I know a lot of people out there should see this issue, once the client is behind some NAT device, and they cannot create the VPN tunnel with either the PIX or IOS router. I think this is really common setting for a lot of company out there. and you cannot always have a static NAT for each connection.

Are there anyone has any soluction for this, so the client(behine NAT) can connect to either the PIX or IOS.

Look forward for any suggestion, i really appreciate that.

Silvia

awaheed · ‎07-03-2002

Hi Silvia,

At this time Cisco is working towards providing a solution with something like IPSec/NAT for the PIX and IOS aswell (just like the VPN3000). Thats the only way I see these packets to go through the PAT in the middle. If anyone has any other suggestions please feel free to add to this.

Regards,

Aamir Waheed,

Cisco Systems, Inc.

-=-=-

nejjari · ‎07-12-2002

Hi,

If the device doing the NAT at the remote site is a cisco router.

Try :

http://www.cisco.com/warp/public/471/ios_pat_ipsec_tunnel.html

Its worked for me !

Abdelilah

bdowney · ‎07-12-2002

I have heard a lot of people asking for this, my self included. I spoke with some of the "PIX Guys" at Networkers (San Diego) and they told me that IPSec through NAT (UDP encapsulation) like the VPN 3000 would be aviable in PIX-OS 6.3 due out in Jan 2003.