While VPNs are great for remote access to corporate networks, NAT seems to kill Windows authentication and domain trusts. So I was wondering if it is possible to configure a router-to-router VPN (8 separate locations and 8 separate 1720s in my case) and, instead of having internet access set up via NAT on each router in each location, have each router "route" internet access through the VPN tunnel to one central router that is configured with NAT. That way a VPN could act like a point-to-point connection and allow me to centralize Windows logons and management.
Thanks for the response. Now for my next question: how do I configure the remote routers to route all traffic through the VPN, and is there anything special I need to do to the central router to get NAT to work correctly?
I am not sure I understand your question, but we don't use NAT at our remote facilities. The remote facilities all have 172.16.x.x addresses, which are NAT 0 in the PIX 501 at the remote site and pulled into the tunnel, and pop out at the central location still 172.16.x.x. No NATing is done. The remote devices therefore don't have direct access to the internet, which is also what we want.
No split tunnel.
It takes some planning and if you have a legacy network you might not be able to address things like this. In that case I suggest you contact Jack Daniels.
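Added example, not part of the original posts: a sketch of the remote-site PIX 501 configuration (PIX 6.x syntax) for the no-NAT, no-split-tunnel design described in the reply above. The subnet 172.16.10.0/24, the peer address 192.0.2.1, the object names and the key placeholder are constructed assumptions; lines starting with `!` are annotations for the reader.

```text
! Constructed example: remote site LAN is 172.16.10.0/24,
! central peer is 192.0.2.1 (documentation address).

! Destination "any" is what removes split tunneling: every packet
! leaving the LAN matches the crypto ACL and is encrypted.
access-list tunnel_all permit ip 172.16.10.0 255.255.255.0 any

! NAT 0: exempt the same traffic from translation so hosts arrive
! at the central site with their real 172.16.x.x source addresses.
nat (inside) 0 access-list tunnel_all

! No "global (outside)" / "nat (inside) 1" pair is configured, so
! there is no translated path straight to the internet.

! Let decrypted IPsec traffic bypass the interface access lists.
sysopt connection permit-ipsec

! Phase 2 proposal and crypto map bound to the outside interface.
crypto ipsec transform-set ts_3des_sha esp-3des esp-sha-hmac
crypto map site_vpn 10 ipsec-isakmp
crypto map site_vpn 10 match address tunnel_all
crypto map site_vpn 10 set peer 192.0.2.1
crypto map site_vpn 10 set transform-set ts_3des_sha
crypto map site_vpn interface outside

! Phase 1 (IKE) with a pre-shared key; replace the placeholder.
isakmp enable outside
isakmp key <PRE-SHARED-KEY> address 192.0.2.1 netmask 255.255.255.255
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
```

The central peer needs the mirror-image crypto ACL (`any` to the remote subnet) for the tunnel to come up. After applying, `show crypto ipsec sa` on the PIX should list a single security association whose remote identity is 0.0.0.0/0.0.0.0.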