I have a problem where port address translation kills connectivity to port3389 through the ipsec tunnel. The Ipsec VPN has been built via cisco 837 routers. Each router connects to the internet.
Currently all remote sites normally connect to head office via an internet Cisco 837 IPSEC VPN. All remote sites are able to use terminal services, port 3389, through the IPSEC VPN.
However as soon as I place the command......... ip nat inside source static tcp 10.0.0.3 3389 interface Dialer1 3389........ on the router, sites that would normally connect to the head office via the IPSEC VPN on port 3389 loose connectivity. But, then find that they are able to connect back to head office on port 3389 via the internet!!!!
Unfortunately I really need to be able to provide two means of connecting to head office via terminal services, one through the IPSEC VPN and secondly via the internet PAT should I be at home and someone needs me to dial in so to speak..
All help would be greatly appreciated