And just remember us where linux is in the picture ? Honestly, to troubleshoot that, we'd need to see a packet dump and eventually the config of the contivty and the vpn3k,
A hint, ipsec dont like to be nated, for your problem, this is the wrong solution for the problem, you can define: traffic selection can be specified up to port level if you need (like traffic going from 1.1.1.1 to 1.1.2.1 , tcp, src port 10, dst port 20), so i reckon nat should be excluded from the picture. Have a look at www.cisco.com/tac for sample configs involving nat and ipsec. Finally, i am sure you have a support contract with both organisations (cisco and nortel). JeF On Mon, 2003-03-03 at 12:37, Dinesh Birlasekaran wrote: > Hi all, > > I am trying to do a network printing from one to another site via the static nat > option. But so far not any luck. Can anyone help on this issue? > > The problem > ========= > > Printer <---> Cisco 6000 <--> Cisco VPN 2005 <-internet-ipsec-tunnel-> Nortel > Connectity <--> Cisco 4000 <---> Server > > Office 1 Local IP <--> Cisco 6500 <--> Real world ip <-- ipsec/NAT on the clients > side--> Real world ip<--> Cisco 4000 <-- Office 2 local ip > > Now I want to print from the server on the right hand side to the printer on the > left hand side? I am able to access the web, ssh..etc. The left hand side (i.e my > other office), has given me 2 ip address, one for the users static nat for all and > one for printer. I have natted the printer ip on the cisco vpn 3005 as to the local > ip of the printer(this is the only way I can go about it, the other office doesn't > want to do a network to network). Now if I do a print job on the server, to the > given natted ip for the printer, I am not able to get a response. Does anyone have > any ideas? > > > Thanks in advance. > > Dinesh. > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
