Hi, I have set up an Easy VPN server on a Cisco 1841 running Adv.IP Services 12.4.20.T.
The router has 2 ADSLs and they are configured for load balancing. There is no def.gw configured. Instead, the ppp ipcp route default command exists in both dialer interfaces. Using CEF, I have load balancing working fine.
Dialer 1 interface has a static IP, hence we want this to accept the VPN connections.
I have also set a local policy route-map saying that each packet whose source IP is that of the dialer interface should leave via dialer 1.
But when a VPN client tries to connect to the router, it gets associated, but all the encrypted replies from the router are exiting the dialer 2 interface. This is a different ISP and so it blocks these packets.
Whatever destination inside the local LAN the VPN client tries to reach, here is what happens (I have debugged and seen the packets):
Packets from the VPN client arrive at the router, get decrypted and are then forwarded to the LAN.
The local host replies, packets arrive at the router, get encrypted and... exit the wrong interface!!
When I insert in the routing table of the 1841 a static entry for the remote host via dialer 1, everything works fine!