Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

cisco 881, nat and tunnel

Hello!
I ask your advices! 

I have Cisco 881, which is connected to the Internet. 
There is a VPN-tunnel on it to a host. 
command "Ping" from 881 to this host is working. But from the PC behind the cisco is not going.
I see the Internet, but not the host.

 

That is my config:

version 15.2
!
interface Tunnel0
description --=VPN=--
ip address 10.0.0.11 255.255.255.252
tunnel source FastEthernet4
tunnel mode ipsec ipv4
tunnel destination 123.345.67.89
!
interface FastEthernet0
switchport access vlan 2
no ip address
!
interface FastEthernet4
description WAN
ip address 12.12.12.20 255.255.255.248
duplex auto
speed auto
ip nat outside
!
interface Vlan2
ip address 192.168.0.3 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list NAT interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 12.12.12.2
ip route 192.168.100.0 255.255.255.0 10.0.0.10
!
ip access-list extended NAT
permit ip 12.12.12.0 0.0.0.255 any
!

Thanks beforehands!

Everyone's tags (4)
2 REPLIES

Everything looks good here,

Everything looks good here, but the symptoms sound like the remote end is missing a return route for traffic. You should have something like this on the other router:

ip route 192.168.0.0 255.255.255.0 10.0.0.11

Can you verify that this route is present?

Does your tunnel show up up

Does your tunnel show up up on show ip interface brief?

59
Views
0
Helpful
2
Replies
CreatePlease to create content