I'm trying to create a VPN tunnel between our company and one of our clients. The topology in our site is very basic. We have a Cisco 2821 router/firewall with only 2 interfaces. One interface connects to the internet and the other connects to our LAN. We have six web servers running Microsoft NLB and need to give our client access to those machines without revealing the private IPs of the machines.
The first issue that I'm having is that when I try to do a traceroute from any of the web servers running NLB to the peer at the client site, the originating IP that shows up in debug mode is that of the actual host (not the virtual IP used by NLB).
The second issue is that I need to somehow set up VPN NAT (or some type of translation), which will help hide the internal subnet. As I mentioned earlier, we only have two interfaces on the router. Can someone please help by letting me know how this can be done? I'm not sure how to proceed... I think I may need to create a VLAN to achieve this, but any ideas or suggestions would be extremely helpful.
One more thing to add is that we have multiple clients on the six clustered web servers. This is the first client that would like a tunnel between our site and theirs.