Comments on: Cisco – How to configure nat for an IPSec VPN http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/ Tips and Video Tutorials - Cisco .:. Linux .:. VOIP Fri, 30 Jul 2010 13:55:31 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: HPR http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-32389 HPR Mon, 29 Jun 2009 13:36:15 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-32389 HI is it posible to configure NAT for trafic intended for the IPSEC tunnel... I want to hide my inside ip but route trafik inside an IPSEC tunnel over the internet. The reciver must only see 1 IP from my nat pool HI
is it posible to configure NAT for trafic intended for the IPSEC tunnel…
I want to hide my inside ip but route trafik inside an IPSEC tunnel over the internet.
The reciver must only see 1 IP from my nat pool

]]> By: Dmitry http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-32286 Dmitry Wed, 27 May 2009 14:27:35 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-32286 Forgot to stress that marker points to the route-map command. Forgot to stress that marker points to the route-map command.

]]> By: Dmitry http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-32284 Dmitry Wed, 27 May 2009 14:22:15 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-32284 Hi Josh, thank you very much for the useful video. But what if you need translate (PAT) some public port to the inside one? ip nat inside source static tcp 192.168.10.2 3389 interface fastEthernet4 23389 route-map nonat % Invalid input detected at '^' marker. OS 12.4(T4) CISCO 877 Regards, Dmitry Hi Josh,

thank you very much for the useful video.

But what if you need translate (PAT) some public port to the inside one?

ip nat inside source static tcp 192.168.10.2 3389 interface fastEthernet4 23389 route-map nonat

% Invalid input detected at ‘^’ marker.

OS 12.4(T4) CISCO 877

Regards,
Dmitry

]]> By: Dan http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-27595 Dan Fri, 13 Mar 2009 13:30:25 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-27595 Helo. I have IOS 12.2(13), and on my device the command ip nat source route-map POLICY-NAT interface s0/0 overload won't work. After ip nat I can only use inside, outside, pool, etc as parameters but not source. Thanks in advance. Helo. I have IOS 12.2(13), and on my device the command ip nat source route-map POLICY-NAT interface s0/0 overload won’t work.
After ip nat I can only use inside, outside, pool, etc as parameters but not source. Thanks in advance.

]]> By: Ahmed http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-27540 Ahmed Thu, 12 Mar 2009 14:17:54 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-27540 the command i am using here is.. ip nat inside soure route-map NAT-POLICY pool IP-POOL. the command i am using here is..

ip nat inside soure route-map NAT-POLICY pool IP-POOL.

]]> By: Ahmed http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-27539 Ahmed Thu, 12 Mar 2009 14:15:42 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-27539 Dear all.. as you all know that there is probelm when you configure IPsec and NAT on same router.. The soloution is shown in the video for this cisco have a sloution like configuring a route-map putting some access lists in it to bypass vpn traffic from nat operation.. This solution for me is working in case when there is nat overload (PAT) and for static nat .. but it is not working for Dynamic nat where we also have a list of ip address to be translated with .. which we define in ip nat pool statement.. can any one give me some sollution for this... i hope you understand what i mean.. if you need some details what i am talking about please read the link http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml even this example is giving such a solution for PAT and Static nat but not for dynamic nat.. i believe i can get a solution from you.. Regards, Ahmed Ali Dear all..

as you all know that there is probelm when you configure IPsec and NAT on same router..
The soloution is shown in the video

for this cisco have a sloution like configuring a route-map putting some access lists in it to bypass vpn traffic from nat operation..

This solution for me is working in case when there is nat overload (PAT) and for static nat .. but it is not working for Dynamic nat where we also have a list of ip address to be translated with .. which we define in ip nat pool statement..

can any one give me some sollution for this…
i hope you understand what i mean..

if you need some details what i am talking about please read the link
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

even this example is giving such a solution for PAT and Static nat but not for dynamic nat..

i believe i can get a solution from you..

Regards,

Ahmed Ali

]]> By: John http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-17695 John Fri, 24 Oct 2008 13:29:52 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-17695 I'm now 3 weeks total into my Cisco experience and I have to say this page was a godsend. No one I've talked to (CCNAs and CCIEs included) knew about applying a route-map to a static NAT like this. Solved a brain scrambling problem I've been having. Thanks! I’m now 3 weeks total into my Cisco experience and I have to say this page was a godsend. No one I’ve talked to (CCNAs and CCIEs included) knew about applying a route-map to a static NAT like this. Solved a brain scrambling problem I’ve been having.

Thanks!

]]> By: bibo4shizo http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-17479 bibo4shizo Tue, 21 Oct 2008 03:18:12 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-17479 thanks a lot josh,let me go through the document I have gotten from the link.You know I'm struggling with too many technologies these days,rushing from VoIP to GSM/GPRS.I guess I will be relying on you guys for some help. thanks a lot josh,let me go through the document I have gotten from the link.You know I’m struggling with too many technologies these days,rushing from VoIP to GSM/GPRS.I guess I will be relying on you guys for some help.

]]> By: Josh http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-17464 Josh Tue, 21 Oct 2008 00:41:07 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-17464 bibo4shizo, Yes, it is possible. Take a look at this link. http://www.cisco.com/en/US/docs/routers/access/1800/1801/software/configuration/guide/vpnezvpn.html Josh bibo4shizo,

Yes, it is possible. Take a look at this link.

http://www.cisco.com/en/US/docs/routers/access/1800/1801/software/configuration/guide/vpnezvpn.html

Josh

]]> By: bibo4shizo http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/comment-page-1/#comment-17209 bibo4shizo Fri, 17 Oct 2008 04:10:25 +0000 http://www.blindhog.net/cisco-how-to-configure-nat-for-an-ipsec-vpn/#comment-17209 Hi guys nice topic.Though a bit out of topic,I wanted to find out if you can have point to point IPSEC VPN and also Easy VPN at one of the vpn ends. I have deployed easy VPN without p2p VPN and the other way round. Please advise Hi guys nice topic.Though a bit out of topic,I wanted to find out if you can have point to point IPSEC VPN and also Easy VPN at one of the vpn ends.

I have deployed easy VPN without p2p VPN and the other way round.

Please advise

]]>