Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
314
Views
0
Helpful
1
Replies

Routing problem with public to private IP

jonstine
Level 1
Level 1

‎10-28-2004 02:13 PM - edited ‎03-02-2019 07:36 PM

I am trying to get a VPN circuit up, but have not been able to get any connectivity over the WAN.

The near-side VPN source (3725rtr) is an internet-facing interface with a public IP.

The remote VPN destination (2621rtr) is an internet-facing interface with a private IP. The 2621 sits behind a border router (7206rtr) with a public IP on it's internet-facing interface and a private IP on it's internal-facing interface (directly connected to the 2621rtr). The remote VPN engineers have expressed no interest in NAT for the VPN destination IP.

Is there a way to route VPN traffic from the VPN source (public IP) to the VPN destination (private IP) without using NAT in the 7206rtr?

I tried to use an "ip route" statement in 3725rtr:

ip route <2621rtr private> <mask> <7206rtr public>

and another one in the 7206rtr:

ip route <2621rtr private> <mask> <FastEthernetx/x>

(the directly connected interface btwn the 7206 and the 2621)

But this doesn't work. I suspect that the problem is due to the fact that private IP's are not routable. Are there other options, protocols, routing statements that will enable this tunnel?

Thanks for any assistance.

Jon

Labels:
0 Helpful
1 Reply 1

sstudsdahl
Level 4
Level 4

‎10-28-2004 02:35 PM

The only other option that I can think that you have would be to setup a tunnel between the 3725rtr and the 7206rtr and then setup the VPN connection going through this tunnel. With the tunnel setup between these two routers, you should be able to communicate to the private IP address across the Internet.

Here is a link to setting up a GRE tunnel. It discusses using it with IPSec for a VPN connection, but you don't necessarily have to implement the encryption across this tunnel if the only purpose is to carry the encrypted VPN traffic.

http://www.cisco.com/univercd/cc/td/doc/product/core/7100/swcg/6342gre.htm

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card