Re: VPN and NAT

Karen . Young Tue, 18 Jul 2000 09:25:15 -0700

There is a presentation from Networkers that covers this (as well as the
problems with IPSec and HSRP), complete with sample configs.

http://www.cisco.com/networkers/nw00/pres/2402.pdf   (Advanced IPSec
Deployment Scenarios)

HTH

Karen E Young
ELF Technologies, Inc
[EMAIL PROTECTED]
Desk:  206-770-4035
Pager:  206-994-4514



                                                                                       
                     
                    Robert Yee                                                         
                     
                    <rmyee@earthl        To:     [EMAIL PROTECTED]                  
                     
                    ink.net>             cc:                                           
                     
                    Sent by:             Subject:     Re: VPN and NAT                  
                     
                    nobody@groups                                                      
                     
                    tudy.com                                                           
                     
                                                                                       
                     
                                                                                       
                     
                    07/17/00                                                           
                     
                    09:46 PM                                                           
                     
                    Please                                                             
                     
                    respond to                                                         
                     
                    Robert Yee                                                         
                     
                                                                                       
                     
                                                                                       
                     



Denao,

Have yo tried the NONAT statement in your access lists? I am by no means an
expert, but here's a link to a cisco sample configs. There are a bunch
nearthe
bottom about IPsec, NAT and NONAT.

Denao Ruttino wrote:

> I have set up a router that is doing a router-router VPN as well as VPN
> clients coming in.  The problem that I am having is with NAT.  I need to
set
> up 3 or 4 machines on the inside with static NAT translations and when I
do,
> it translates all traffic.  Is there a way to set this up where the VPN
> traffic does not get translated for these address'?  I have used the
> following:
>
> ip nat inside source static 192.8.8.150 192.8.8.150 extendable
> ip nat inside source static 192.8.8.100 200.150.15.22 extendable
>   (not real address')
>
> This seems to work except for when I initiate connections from the
> 192.6.6.100 box.  That only works 50% of the time.
>
> I do not have this problem on NAT pools as route map statements allow me
to
> deny translations by address.  I only have this problem on the ones I
want
> to assign a specific address to.
>
> Any suggestions would be appreciated.
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---

___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN and NAT

Reply via email to
