07-25-2002 02:08 PM - edited 02-21-2020 11:57 AM
Hello,
a small question about design.
if I use the cisco example VPN between 2 routers, one site with dynamic IP
directly connected to Internet,
the other site with static IP (private address) but behind a firewall which does NAT for this hubrouter.
is this recommended or not
because of different proxy-entries on both sides ?
btw We want to use C1721 on both sides , IOS 12.2.4YA2...
Thanks for proposals.
Regards,
Stefan
07-25-2002 03:07 PM
As long as the hub router would have an ip address on the translation that is it's own, and you use esp tunneling, then it should work.
If the NAT is a PAT, then that is when you would have issues. Make sure the firewall allows for ike (udp 500) and esp (tcp 50), and the source would be any as the ip from the other router is dynamic.
Regards,
07-26-2002 09:39 AM
ok,
thank you for your answer.
regards,
stefan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide