Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Creating IPSEC LAN-to-LAN with a public IP through tunnel


Very glad to have found this support community and hope to contribute in any way I can! I've been tasked with the setup of an IPSEC lan-to-lan tunnel. I'm fairly comfortable normally with these configurations, except in this instance the remote end does not want to see the our end's local LAN addresses come through the tunnel, they wish to see a public ip instead (so they don't have to worry about overlapping networks with other companies they create IPSEC tunnels to). I've been scratching my head about how to do this. Can I use NAT to overload these private IPs to a loopback address with a public IP before sending through the tunnel? So to clarify here's what the remote end is asking for:

Our side:

Public IP range(for example let's say it's /28)

LAN IP ( / 24)

Remote End

Public IP range(for example let's say it's /28)

Remote end's "LAN" destination for other end of the tunnel ( /28)

So when this tunnel gets initiated, the remote end wants to see something from the space, NOT

( / 24).

Any help is really appreciated.. maybe I'm making this more complicated than it has to be?

EDIT: I should add this config is going to be done a 2821 Router.

CreatePlease login to create content