Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN w/ 2611

I have 2 branches and a main branch each with a 2611 router running IPSEC/3DES/Firewall software verion 12.07. Each branch is behind a NAT also.I need to create a VPN from the 2 branches to the main branch.

I have tried setting this up in a test environment but the NAT part confuses me when it comes to deciding which data is encrytped and what ip address's to use for the tunnels.

Has anyone set something like this up before or have a sample config i can see for guideline? Any help on this would be greatly appreciated.


Cisco Employee

Re: VPN w/ 2611

If I understand you correctly the internal networks on the branches are being translated (using nat) to public ip on the branch routers itself. The access-list for the crypto would be based on the internal ip addresses and the ip address of the crypto peer would be the public ip address of the routers. See sample configs on: