Hello, everybody!
I have the working hub-and-spokes VPN system over IPSec on IOS routers.
every spoke and a hub have public IP addresses to interact.
but now I have to add another spoke which has just a private IP. it is situated over the ISP NAT.
Can you give the direction where to dig?
on my hub I have the next set of statements for a spoke with a public IP:
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key PASSWORD address AA.BB.CCC.DD
crypto map REGION_CRYPTO_MAP 100 ipsec-isakmp
description Tunnel to SKLAD
set peer AA.BB.CCC.DD
set transform-set REGION
match address 2000
reverse-route
please, help me :)