There is a presentation from Networkers that covers this (as well as the
problems with IPSec and HSRP), complete with sample configs.
http://www.cisco.com/networkers/nw00/pres/2402.pdf (Advanced IPSec
Deployment Scenarios)
HTH
Karen E Young
ELF Technologies, Inc
[EMAIL PROTECTED]
Desk: 206-770-4035
Pager: 206-994-4514
Robert Yee
<rmyee@earthl To: [EMAIL PROTECTED]
ink.net> cc:
Sent by: Subject: Re: VPN and NAT
nobody@groups
tudy.com
07/17/00
09:46 PM
Please
respond to
Robert Yee
Denao,
Have yo tried the NONAT statement in your access lists? I am by no means an
expert, but here's a link to a cisco sample configs. There are a bunch
nearthe
bottom about IPsec, NAT and NONAT.
Denao Ruttino wrote:
> I have set up a router that is doing a router-router VPN as well as VPN
> clients coming in. The problem that I am having is with NAT. I need to
set
> up 3 or 4 machines on the inside with static NAT translations and when I
do,
> it translates all traffic. Is there a way to set this up where the VPN
> traffic does not get translated for these address'? I have used the
> following:
>
> ip nat inside source static 192.8.8.150 192.8.8.150 extendable
> ip nat inside source static 192.8.8.100 200.150.15.22 extendable
> (not real address')
>
> This seems to work except for when I initiate connections from the
> 192.6.6.100 box. That only works 50% of the time.
>
> I do not have this problem on NAT pools as route map statements allow me
to
> deny translations by address. I only have this problem on the ones I
want
> to assign a specific address to.
>
> Any suggestions would be appreciated.
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]