I need some help getting PPTP working properly through NAT. My setup includes a Cisco 7206 NAT router running IOS 12.3(14)T7 Enterprise Edition, and a Cisco 3030 concentrator.
My situation is that I need multiple PPTP clients behind the NAT router, to be able to establish sessions to my Cisco VPN concentrator
3030 (as well as other PPTP servers on the web - but I'll start with my own!).My setup is as follows:
Client #1---->fa0/0-7206(NAT)fa0/1---->PPTP VPN( 3030) Client #2---| etc:
If I use a pool of global addresses with PAT, like below, I can't establish any PPTP sessions, not even one!
ip nat pool macconnect-nat 130.123.109.3 130.123.109.40 prefix-length
24 ip nat inside source list 2 pool connect-natIf I add the overload option, like below, I can start one PPTP session, but no others.
ip nat pool connect-nat 130.123.109.3 130.123.109.40 prefix-length 24 ip nat inside source list 2 pool connect-nat overload
I guess my first question is should either of my scenarios above work?. Do I have something configured wrong, or is the problem elsewhere? I am open to using a global address pool and 1:1 NAT if that's what needed. Can anyone help?
-Mike