I used to have VPDN clients (Using PPTP) which I want to migrate to IPSec VPN Clients using the Cisco VPN Client. Traffic from these users was being translated (NAT) when going out to a site-to-site VPN. This was possibile by setting the VPDN virtual-template interface to 'ip nat inside'.
There is no virtual-template for IPSec VPN clients. How can I get traffic coming from these IPSec VPN Clients to be translated?
Re: NAT from VPN Client to a Site-to-Site IPSec VPN
Just to let you know that after opening a TAC case, I managed to resolve this particular problem.
The way to handle these VPN Client connections is to create a loopback interface and set this interface to be "ip nat inside". Then you need to set up a route-map so that all traffic coming from the VPN Client is sent to the Loopback interface.
In this way, traffic from the VPN Clients is translated as it is going from the 'inside' loopback interface to the 'outside'' interface going to the Site-To-Site IPSec VPN. The link below gives some guidance ... although it is not an identical scenario
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :