We have deployed cisco 837's to our sales reps with a vpn tunnel back to HQ for email access. The 837 will allocates an ip address and dns servers via dhcp. I have configured the dhcp pool to give out the addresses of 2 internal dns servers. However, when the user tries to access email and resolve an internal name the windows client appears to timeout connecting to the dns server (as the securuty association is being built).
I was think that to keep the SA open i could run the 837 as an ntp client with the server being in the same subnet as the dns servers. This would mean the sa is always up.
However, im not sure how to tell the cisco router to encrypt traffic comming from itself as it always wants to use the public ip address.
On the pix i think the command was "management interface inside" but im not sure what the similiar command is on a router.
The following configuration would not be commonly used, but was designed to allow Cisco Secure VPN Client IPSec tunnel termination on a central router. As the tunnel comes up, the PC receives its IP address from the central router's IP address pool (in our example, the router is named "moss"), then the pool traffic can reach the local network behind moss or be routed and encrypted to the network behind the outlying router (in our example, the router is named "carter"). In addition, traffic from private network 10.13.1.X to 10.1.1.X is encrypted; the routers are doing NAT overload.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :