Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

VPN Design - router with only 1 network interface

Hello all,

This may sound like a dumb question. We need to set up a new VPN connection to a customer and they have an IPSEC capable router with only 1 network interface. It has a private IP, the router is placed in a DMZ.

Is it possible to terminate a VPN connection on that router ? Or you need 2 network interfaces (one private, one public) ?

Thanks in advance,

Stefan

4 REPLIES
Community Member

Re: VPN Design - router with only 1 network interface

Hi,

You know what i have just tried to assign a crypto map to a subinteface with dotq encapsulation and the router accepted it and enabled ISAKMP on it!

So with another subinterface with another dotq vlan encapsulation i guess you can terminate a vpn connection to the first one and forward decrypted traffic to the second.

I will try this later and i will post results as soon as i've done it (if it work of caurse)

Community Member

Re: VPN Design - router with only 1 network interface

Interesting. Please, post results with some configuration examples, when you have them ;)

Thanks,

Stefan

Community Member

Re: VPN Design - router with only 1 network interface

Hi Stefan,

Here is the configuration with some explanations.

I hope this will help you.

Community Member

Re: VPN Design - router with only 1 network interface

That's an excellent explanation, thanks a lot.

487
Views
10
Helpful
4
Replies
CreatePlease to create content