Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Single remote IP for IPSec router-to-router VPN

Hi, I'm setting up a VPN to another company, and they've provided one routable IP address to be both their peer and their local internal system that we need access to.  Can I use the remote peer address in the crypto ACL?  I think they need to provide a second NAT IP for their internal system, otherwise the IPSec traffic from us destined for their peer will hit the crypto ACL.  What do you think?  Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Single remote IP for IPSec router-to-router VPN

As long as only 1 end of the peer uses the IPSec peer (terminating ip address) in the crypto ACL, that is OK. You can't have both ends as being the crypto ACL.

2 REPLIES
Cisco Employee

Re: Single remote IP for IPSec router-to-router VPN

As long as only 1 end of the peer uses the IPSec peer (terminating ip address) in the crypto ACL, that is OK. You can't have both ends as being the crypto ACL.

Re: Single remote IP for IPSec router-to-router VPN

Thanks, that's what I expected.

214
Views
0
Helpful
2
Replies