Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Port translation and IPSEC


It is possible to build a VPN tunnel between a Router 831 and a concentrator 3000 when the traffic is going accross a ADSL router using a port translation?.

What I have:

1. the Router 831 will get a dynamic extern address (from adsl router)

2. the ADSL router nat all intern address to one address (PAT, port address translation)

3. I need to split the traffic.

So on the same ADSL extern public address, I will have the IPsec traffic and the non-encripted traffic.

Is it possible and how? (L2L, Easy VPN?), Can I configure the 831 router, that he send the IKE and IPSEC traffic on tcp 10000 as a VPN client?

Thanks Gael

New Member

Re: Port translation and IPSEC

I found the solution.

Hi everybody, for people interested.

If you want to use nat overlapping (PAT), then you can use easyvpn and configure Nat-T on the concentrator (System -> Tunneling protocol -> Ipsec ->Nat-t).

It's maybe possible to create a tunnel without easyvpn when using PAT (see

) but for me this solution only work with static nat and not port translation, but I may be wrong (correct me if I am).

Cheers Gael