Re: LAN-toLAN easy VPN nat from non-cisco device

KevinLeek · ‎08-25-2005

I have a Cisco Concentrator VPN setup which hands out addresses from a specific subnet via Easy VPN. Now I need to establish an IPSec tunnel with a non-Cisco device. I can establish a LAN-to-LAN tunnel via IPSec, but how do I replicate the Easy VPN setup. I would like all incoming traffic from the tunnel to show as a single assigned IP address in our internal network. The LAN-to-LAN NAT rules seem to NAT outgoing traffic but that is not what I'm doing. Since the other side is a non-Cisco device, I can't send them the LAN-to-LAN NAT instructions either.

umedryk · ‎08-31-2005

As far as I know, you cannot have Easy VPN server and client relationship between a Cisco and a non-Cisco device.

KevinLeek · ‎08-31-2005

I know the non-Cisco device can not have an Easy VPN Client relationship with the Concentrator. But I am trying to emulate that setup across the LAN-to-LAN by having all traffic NAT to a single address on our internal network. So far that's not working. It looks like I can only NAT my outgoing traffic to the other network.

rating_is_vital · ‎09-01-2005

Hi Kevin,

Providing you have experience in configuring the Concentrator as a EZVPN server, why would it be different with the new scenario in terms of Concentrator configuration?

The guide below is very basic but may be useful:

http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a00800945cf.shtml

rating_is_vital · ‎09-05-2005

Hi Kevin,

Any update?