Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
872
Views
0
Helpful
4
Replies

Internet Access via VPN Client Tunnel

Go to solution
NISITNETC
Level 1
Level 1

‎06-06-2011 06:10 AM

Hello,

we use the Cisco VPN-Client to connect to our CISCO1921 Router and want to go out again on the same interface to the internet. We configured the connection with the IOS scurity package, have no split tunneling - so the client is forced with it's default gateway to our router - we also have pushed our local dns-server to the client and he gets dns results. Now I think we have to got out with some kind of NAT, because our client has a private IP from the IPSec Client pool. At the moment we have no NAT inside/outside, bacause we only use official IP addres in- and ouside (data-room usage).

- Is it possible to get the NAT function going in and out on the same interface with crypto_map IPSec user comming in and going out to the internet ?

- Is it more secure to configure this with vrf ?

- Has some a link to example configurations for this ?

Thanks !

NISITNETC

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10

‎06-06-2011 06:57 AM

Hi ,

To acomplish that you have to create  loopback interface and policy map ,  have you come across this link bellow?,  follow example in this link.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

Regards

Jorge Rodriguez

View solution in original post

0 Helpful
4 Replies 4

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10

‎06-06-2011 06:57 AM

Hi ,

To acomplish that you have to create  loopback interface and policy map ,  have you come across this link bellow?,  follow example in this link.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

Regards

Jorge Rodriguez
0 Helpful

Go to solution
NISITNETC
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎06-06-2011 03:00 PM

Hi Jorge,

thanks for the link. We will also try the NVI version now:

http://inetpro.org/wiki/IPSec:_Router_and_VPN_Client_for_Public_Internet_on_a_Stick_with_NVI

Grüße

NISITNETC

0 Helpful

Go to solution
NISITNETC
Level 1
Level 1
In response to NISITNETC

‎06-07-2011 03:46 AM

NVI

We just tried to find an easy solution and this works finde now. We use the NVI way - see the example obove, can't be documented better ...

Thanks !

NISITNETC

0 Helpful

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10
In response to NISITNETC

‎06-07-2011 07:52 AM

Thanks for providing that additional info on NVI ..

Regards

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents