Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN between two 877 routers, ports blocked when NAT also used

Hi

I have two sites connected by VPN's with some 877 routers.

192.168.130.x -- 877 router -- INTERNET -- 877 router -- 192.168.140.x

when on the 192.168.130.x network and trying to get to the video camera system on port 80 on 192.168.140.200 or vnc to this machine (port 5900) this works fine.

Now if someone external to the company wants to get on the Video camera machine, or to vnc onto this machine I set up the NAT rules to forward ports 80 and 5900 to the internal PC. The external person can then vnc or view the web interface for the cameras, However if on the 192.168.130.x network you can no longer vpn or go to http://192.168.140.200

Removing the nat rules solves the problem but I want to have my cake and eat it too. Is there a command I can issue that will tell the router to ignore NAT rules for VPN traffic?

Thanks in Advance

2 REPLIES

Re: VPN between two 877 routers, ports blocked when NAT also use

Your NAT instructions are probably not configured correctly .. the traffic from 192.168.130.X to 192.168.140.X should bypass any NAT instructions.

Can you post the config of both routers ..?

New Member

Re: VPN between two 877 routers, ports blocked when NAT also use

Attached is the config for the 192.168.140.x router - this is the router where if port 80 is forwarded the traffic from 130.x can't get to port 80 on the same host.

199
Views
0
Helpful
2
Replies