Simultaneous rdp connection via VPN client and WAN
My customer connects from his laptop to his Cisco 876 using the Cisco VPN client. He then starts an RDP session to the server. Now I want to connect to the same server via the WAN link. I followed this Cisco document: Configuring a Router IPsec Tunnel Private-to-Private Network with NAT and a Static. But for some reason when I add the line: ip nat inside source static 192.168.37.2 x.x.64.44 route-map RMAP the VPN cannot be established (I'm not asked for the password), but I can then access the server via the WAN link over port 3389. In this line the 192.168.37.2 is the server, the x.x.64.44 is the WAN address. With the access list 110 this line should not NAT the VPN 'RDP traffic' but NAT the RDP traffic to my office.
Here is the configuration
ip address negotiated
ip access-group WANFilterInbound in
ip inspect DEFAULT100 out
ip nat outside
dialer pool 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username email@example.com password 7 105D1D1008071B0E5E
crypto map VPN-Map
no ip address
no cdp enable
ip address 192.168.37.20 255.255.255.0
ip nat inside
ip local pool B_POOL_1 10.10.38.1 10.10.38.10
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 150 interface Dialer1 overload
Re: Simultaneous rdp connection via VPN client and WAN
Thanks for your quick response, took me some days to test it.
You were absolutely right about the access list, messed up the 'ip nat inside' syntax with the access-list syntax, thanks for your answer.
The problem is still there as soon as I insert the line: ip nat inside source static 192.168.37.2 x.x.64.44 route-map RMAP the VPN cannot be established (I'm not asked for the password), looks like some traffic is blocked. RDP from the WAN side works fine.
So what the problem is:
if I use ip nat inside source static tcp 192.168.27.2 3389 interface Dialer1 3389 then RDP from the WAN works fine, but RDP traffic over the VPN connection is sent out to the internet. So what I need is a conditional NAT translation. I thought I can use the
ip nat inside source static 192.168.37.2 x.x.64.44 route-map RMAP line with
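
The conditional translation discussed in this thread can be modelled offline; the following is an added example, not code or configuration from the posts. The contents of access list 110 and the 0.0.0.15 wildcard covering the 10.10.38.1-10.10.38.10 client pool are assumptions, since the thread never shows the ACL. The model covers only the decision for packets leaving the server: the static mapping applies when the ACL matched by route-map RMAP permits the packet, with first match winning and an implicit deny at the end.

```python
import ipaddress

# Constructed ACL 110 (assumed; the thread does not show it). The deny line
# exempts server-to-VPN-client traffic from the static translation.
ACL_110 = """\
access-list 110 deny ip host 192.168.37.2 10.10.38.0 0.0.0.15
access-list 110 permit ip host 192.168.37.2 any
"""

def _parse_addr(tokens):
    """Consume one IOS address spec; return (address_int, wildcard_int)."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    wildcard = tokens.pop(0)
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(wildcard))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines, keeping their order."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
            continue
        action, rest = tokens[2], tokens[4:]
        src = _parse_addr(rest)
        dst = _parse_addr(rest)
        entries.append((action, src, dst))
    return entries

def _match(addr, spec):
    """Wildcard bits set to 1 are 'don't care'; compare only the other bits."""
    net, wild = spec
    care = ~wild & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (net & care)

def acl_permits(entries, src, dst):
    """First matching entry wins; no match at all is the implicit deny."""
    for action, s, d in entries:
        if _match(src, s) and _match(dst, d):
            return action == "permit"
    return False

def is_translated(src, dst, entries=None):
    """True when the route-map-conditioned static NAT would rewrite src."""
    return acl_permits(entries or parse_acl(ACL_110), src, dst)
```

The model says nothing about whether IKE or IPsec packets addressed to the router itself still reach it once the static entry is in place.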