Re: IPSec over ISDN

r.spiegel · ‎01-10-2003

Hello-

I am trying to configure an IPSec tunnul from my new home office ISDN (802) router to my corporate office 1701 router. This is my first attempt at ISDN config. Non-secured traffic over the ISDN connection works fine at this point; I can browse the web, etc from clients behind the 802, but I can not configure/establish an IPSec tunnel to the corporate 1701. I would like to be able to securely access devices behind the 1701 from the inside of my 802. One of my clients behind the 802 has the Cisco Windows VPN Client 3.6.2 configured to talk to the 1701, and this works just fine with a dial up connection, but I can’t get it to run through the 802 (ISDN) connection. I assume this has something to do with my NAT on the 802. I have tried to set up a tunnel between the 802 and the 1701, so I don’t need the VPN Client on my windows box, but I get a dynamic address for the 802 from the service provider, and I do not know how to create a tunnel to a device with a dynamic address.

Does anyone know if this is possible, and if so, how would you do it? (Links to TAC docs...?)

Thanks a lot,

Rolfe Spiegel

jfrahim · ‎01-10-2003

Hi Rolfe,

If you are getting a dynamic ip address from the service provider, you can follow this sample config:

http://www.cisco.com/warp/public/707/ios_804.html

Jazib

andrewharding · ‎01-14-2003

> Sorry folks, for some reason I hadn't seen the other response already posted.

Rolfe,

Normally you need to use IPSEC Over TCP when you connect your VPN via a NATing device. This is because the TCP port numbers usually used by a NAT device to track NATed devices are encrypted by IPSEC.

Regards

Andrew