Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
359
Views
0
Helpful
1
Replies

VPN and port forwarding

Phillip Gibson
Level 1
Level 1

‎11-05-2013 11:33 AM - edited ‎03-04-2019 09:30 PM

Hi All,

I am no Cisco guru and are just learning so hopefully this is an easy one for someone here.

I have managed to setup a VPN between 3 sites, they are all linked together and each site can talk to the other 2.

They are all linked accross the internet in a VPN. The VPN is an IPSec site to site VPN.

I also have some port forwarding going on for things like smtp email and web mail etc...

What I have noticed is that the VPN works well and passes all the ports except for the ones listed under port forwarding.

For example, if I am at one of the sites where the email server isn't, then I cannot get to the webmail.

eg: lets say site one has the email server and has ports 25 and 443 forwarding to the email server.

Site two, will not be able to get to the webmail.

Site three will not be able to get to the webmail.

It basically just can't find it.

From anywhere else on the internet, you can access the webmail ok.

So it seems that all ports get forwarded between sites, but if I try to use something that has a specific port forwarding, then that doesn't seem to go through the VPN correctly and doesn't complete.

Any idea what might cause this type of issue ?

Any help is appreciated.

Labels:
0 Helpful
1 Reply 1

Vasilii Mikhailovskii
Level 7
Level 7

‎11-06-2013 08:48 AM

Hello, Phillip.

The issue could be due to NAT configuration vs IPSec.

Please share your NAT config and IPSec?

If the issue is due to order of operation between IPSec (crypto map) and NAT, then easiest way is to migrate from crypto map to VTI or adjust NAT with route-map.

0 Helpful
Customers Also Viewed These Support Documents