Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2223
Views
0
Helpful
1
Replies

NAT traffic over VPN tunnel on router IOS

Go to solution
James Prosba
Level 1
Level 1

‎11-17-2010 06:18 AM

I need to setup a VPN tunnel that NATs traffic over it.  I already have VPN tunnels established as well as NAT traffic.  I've done this on an ASA and VPN concentrator, but have seen some places where people say its not possible on a router nor have I seen any real hard evidence either way.  For example, I'm running a Cisco 2801 router with 12.4(8a) and Advanced Security.  This can be quite tricky because the subnet/vlan we need to NAT does need to pass traffic as normal over other VPN tunnels, and be NATed out to the Internet directly.  Are there, any limitations on this such as IOS version, being a router itself, NAT configuration, etc.  Any assistance is greatly appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎11-17-2010 06:22 AM

Hi James,

You can NAT the VPN traffic as you do with ASAs on IOS routers.

What you do is that you create an ACL to define the traffic to be NATed, apply the ACL to a NAT rule, and condition that NAT statement with a route-map to only happen when traffic is going to be sent through the tunnel.

Federico.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎11-17-2010 06:22 AM

Hi James,

You can NAT the VPN traffic as you do with ASAs on IOS routers.

What you do is that you create an ACL to define the traffic to be NATed, apply the ACL to a NAT rule, and condition that NAT statement with a route-map to only happen when traffic is going to be sent through the tunnel.

Federico.

0 Helpful
Customers Also Viewed These Support Documents