cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
357
Views
0
Helpful
1
Replies
Sergey Balyura
Beginner

LAN-to-LAN IPSec VPN - spoke with a private IP

Hello, everybody!

 

I have the working hub-and-spokes VPN system over IPSec on IOS routers.

every spoke and a hub have public IP addresses to interact.

but now I have to add another spoke which has just a private IP. it is situated over the ISP NAT.

Can you give the direction where to dig?

 

on my hub I have the next set of statements for a spoke with a public IP:

 

crypto isakmp policy 1
 encr 3des
 authentication pre-share

 

crypto isakmp key PASSWORD address AA.BB.CCC.DD

 

crypto map REGION_CRYPTO_MAP 100 ipsec-isakmp
 description Tunnel to SKLAD
 set peer AA.BB.CCC.DD
 set transform-set REGION
 match address 2000
 reverse-route

 

please, help me :)

1 REPLY 1
Dinesh Moudgil
Cisco Employee

Hi,

You can follow the given document to configure static to dynamic end VPN tunnel on routers.
http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14131-ios-804.html

Hope this helps.
 

Regards,

Dinesh Moudgil
 

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
Content for Community-Ad