09-28-2006 05:59 AM - edited 03-03-2019 02:09 PM
Greetings,
I would like to bring up a site-to-site VPN between 2 cisco routers. The difficult part is that one of them can only get an internet connection to its WAN port from another router. The upstream router is holding the public IP on its WAN port.
Detailsare:
SiteA: 1811 router with address x.x.x.x. This address is fully routable/public ip
SiteB: 1841 router with address 192.168.0.x on its WAN port.
Is it possible to bring up a site-to-site VPN tunnel between the 1811 and the 1841? What is required of the router sittning between the 1841 and the internet?
TIA
09-28-2006 07:40 AM
You can do a one to one nat on that router such that it xlates for the 1841 with a public ip. I have had success with that before.
HTH pls rate!
09-28-2006 09:56 AM
Charles
Yes you can set up a site to site VPN where one of the routers has a dynamically assigned address. The key parts of making this work is that on the router with fixed address the crypto key is configured for address 0.0.0.0 and the crypto map is configured as a dynamic map. Also note that in this situation the router with fixed address can not initiate the connection, it must be initiated by the router with dynamic address.
This link sound very similar to what you describe and should be enough to get you going:
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: