Remote Access VPN with Router and ASA , with one public IP
I am setting up a vpn remote access solution with a ADSL Modem, a 1720 Router and a ASA. I only have one fixed Ip address on the Dialer Interface of the Router, and behind the Router I am using RFC1918 addresses. Also the outside interface of the ASA got an RFC1918 address. My big question:
How do I set up the Router Config, so that udp_500 and udp_4500 gets forwarded to the outside interface of the asa, and the vpn tunnel is finally terminated at the ASA. I know I have to disable nat on the ASA, nat (inside) 0 access-list ... for traffic that is supposed to be tunneled and not translated.
And I think I have to nat the destination from the public ip address to the internal RFC1918 address from the outside interface.
BUT ... it does not work. I could not find an example where the actual nat config of the router is described, and maybe nobody ever does it or it is too simple... I don´t know.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...