Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IOS VPN router-router with NAT Overload

Hi Guys,

I have configured VPN and want to use internet via same link. I can ping any public ip from router, but can't ping (get many loses) during ping from inside host.

I have attached my config file..

I hope you guys will help me finding my configuration bug.

4 REPLIES
Blue

Re: IOS VPN router-router with NAT Overload

Your configuration looks perfect to me.

You are implementing a split tunnel. IPSec tunnel traffic sourced from vlan 1 and destined for the 3 subnets in your ACL does not get NATed, but Internet traffic does.

The crypto policy looks typical.

You rely on a recursive lookup to find the route to the IPSec peer.

The NATing looks typical, too.

Am I missing anything?

Can you do a "sho ip nat trans*" and run a PING test to an Internet host and source the vlan and post the results?

Is tunnel traffic OK?

Victor

Community Member

Re: IOS VPN router-router with NAT Overload

Thanks for reply,

The tunnel is perfect, and is in operation for last 15 days with no issue.

The NAT translation works fine. I even get some ping packet reply from google.com but just 1-5% reply, rest are lost. I will be posting nat and ping reply shortly.

Blue

Re: IOS VPN router-router with NAT Overload

?

Community Member

Re: IOS VPN router-router with NAT Overload

I have attached the sh ip nat and ping response from the remote office branch.

280
Views
0
Helpful
4
Replies
CreatePlease to create content