Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Port-to-port traffic redirection in a 1800 series with IPSec VPN

Is this possible?

I'm not sure about those IP facilities can work simultaneously.

If it can't work, there is any other way to create a VPN over DSL lines with not IPSec protocol and let me use NAT too?

Thank you all!

2 REPLIES

Re: Port-to-port traffic redirection in a 1800 series with IPSec

Hi

It depends on the ip address availability on both the sides.

AFAIK you should have a static ip at one end (may be at ur HO end) so that the necessary ipsec/isakmp parameters can be negotiated with a dynamic or static client/remote location.

Also do throw more clarity on your current setup and what you are exactly trying to do with that ..

As an alternative to IPSEC you can look onto GRE which is just a encapsulation method which looks bleak when compared to IPSEC which comes up with encryption strength.

regds

New Member

Re: Port-to-port traffic redirection in a 1800 series with IPSec

Hi,

in both sides I have a Cisco 1801 router, with a DSL line grantme Internet access with a Static public IP address.

Internally I have configured two Class C networks.

The tunnel is configured with IPSec protocol and preshared keys.

And the traffic between two sites is routed through VPN, and the rest is routed out VPN with a NATP overload.

At here this works well.

The new feature to apply is simply redirect the pettitions received un the public IP on one site at the 8080 port to an internal LAN host with the same port, 8080.

This is configurable by the command:

ip nat inside source static tcp 80.35.XXX.XXX 8080 192.168.XXX.XXX 8080

I had configured that with and without a route map to exclude VPN traffic of the NAT translation but in two cases the result not work.

At this point I look for some information about NAT and IPSec simultaneous configuration and the only info I find with sense is:

http://www.cisco.com/en/US/products/hw/routers/ps4081/products_configuration_example09186a0080094732.shtml

Point 4 of the IMPORTANT DISCLAIMERS link.

Here is when I posted this message to verify this information and to try to know other ways to do the same thing with another protocols for the VPN.

Thank you all

118
Views
0
Helpful
2
Replies
CreatePlease login to create content