Hello,
I need to staticly nat internal adresses before an IPSEC tunnel over ISDN 8-0 !!!
internal network adresse is : 10.0.0.1 nated to 192.168.0.2 (static nat) remote network : 192.168.254.0 (this network accept only the address
192.168.0.2)Could this configuration work :
interface FastEthernet0/0 Description INTERNAL ip address 10.0.0.254 255.255.255.0 duplex auto speed auto ip nat inside no mop enabled
interface BRI0/0/0 Description ISDN to remote site no ip address encapsulation ppp no ip mroute-cache dialer pool-member 1 isdn switch-type vn3 ppp authentication chap
interface Dialer1 ip address 192.168.0.22 255.255.255.252 ip nat outside ip virtual-reassembly encapsulation ppp no ip mroute-cache dialer pool 1 dialer-group 1 no peer default ip address ppp authentication chap crypto map CDC-map
crypto isakmp policy 10 encr 3des hash md5 authentication pre-share crypto isakmp key ******** address 192.168.0.21
crypto ipsec transform-set CDC-transform-set esp-3des esp-md5-hmac
crypto map CDC-map local-address Dialer1 crypto map CDC-map 10 ipsec-isakmp set peer 192.168.0.21 set transform-set CDC-transform-set match address CDC-ACL
ip route 192.168.254.0 255.255.255.0 192.168.0.21
ip nat inside source static 10.0.0.1 192.168.6.2
ip access-list extended CDC-ACL permit ip host 192.168.6.2 192.168.254.0 0.0.0.255 deny ip any any log
Thanks for your help !