03-23-2007 03:38 PM
Hello,
Actually I need to know the possibility to have one interface on a router configured for NATing and a crypto map for L2L VPN.
Is there any overlapping or confusion might happened !!!
For example:
interface GigabitEthernet0/1
ip address 192.168.6.12 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map xxx-vpn
03-29-2007 12:45 PM
I think it is fine to have one interface configured for NAT and Crypto as NAT translation is done before encryption also de-cryption is done before NAT translation. Following link may help you
http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml
04-12-2007 08:34 AM
Yeah it works fine with me. I have configured router serial interface to do nat and also has a crypto map on it.
Well what seems tricky to me is , can the the serial interface ip itself can be used to nat (overload) internal ip used for a vpn tunnel and be a peering ip for the remote peer at the same time.
Can someone add to this.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: