I am trying to set up the roaming users, who access to the company network via Ipsec vpn, to be NATted when accessing to one of the internal networks.
I can set "ip nat outside" on the interface that connects to that internal network. How about "ip nat inside" ? Can I set a virtual interface for the roaming users in order to apply "ip nat inside" ?
I searched on Cisco site and they show a solution for VPDN/PPP but I use IpSec.
Thanks,
DT
Create Interface Tunnel and IPsec ACL applied on GRE tunnel.
interface Tunnel1 description GPRS tunnel source xxx tunnel destination yyy ip nat inside . . access-list IPSEC permit gre host xxx host yyy . ip route Tunnel1
of course , mobile operator must support this metod.
One method I just found and tested sucesfully :-) is to use NAT virtual interfaces. In this case, it is unecessary to have "ip nat inside" or "ip nat outside"; and the "ip nat source list" with the correct access-lists will help select the appropriate conversion.
DT
Marek, thanks for your reply. Although I just found one method ( see my reply to my OP ), I am going to try your method now. I want to learn different ways to do things.
Thanks,
DT
Marek, thanks for your reply. Although I just found one method ( see my reply to my OP ), I am going to try your method now. I want to learn different ways to do things.
Thanks,
DT
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.