VPN Client 3.5x behind 803 with NAT to PIX 515

bkisters
Level 1

The home office router 803 connects call-by-call to the Internet.

Is it possible to run a VPN Client on the ethernet of the router against the PIX?

Are there special things to configure on that router?

A direct connection from the Client, where it dials directly to the Internet, works together with the PIX.

5 Replies

vijkrish
Cisco Employee

Yes, it is possible. No config is needed on the router (other than NAT).

See notes below from URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122relnt/800/rn800xi.htm

IP Security Through Network Address Translation Support

Cisco IOS Release 12.2(2)XI IP Security (IPSec) supports clients that do not use TCP wrapping or UDP wrapping. On Cisco 80-804 routers and Cisco 806 routers, this feature allows clients that have wrapping disabled, or clients that do not support wrapping, to use IPSec. Each client creates an IPSec tunnel, and NAT translates the private IP addresses of these packets to public IP addresses.

On the Cisco 801, 802, 803 or 804 routers, you must enter the following global configuration mode command for this feature to work:

ip nat inside source list number interface bri number overload

In this command, number refers to the source list number, and the basic rate interface number, respectively. The document at the following URL contains an example configuration:

Hi,

Thanks for the good answer to my question.

The URL for the example is missing.

bernd

You are welcome. I am able to view the entire posting and the URL is indeed there. Try viewing the entire posting, and if there is still a problem, let me know and I will send the posting via email.

Best Regards.

OK, one last question about that problem. I am using IOS rel. 12.0.7-t and it really does not work.

Do I need the release mentioned in your first answer?

Many thanks and best regards

bernd

Yes, if you want this feature, then you need to use that IOS. Also keep in mind that T train (images with T in their name - technology train) and XB (limited life time) are used for new feature introductions and with every new feature there could be some minor issues. Best bet is to run a mainline IOS image or to use an interim or limited life time based image.
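
A consistency check for the NAT overload command quoted in the first reply, as an added example that is not part of the thread or of Cisco's documentation: it reads a saved running-config and reports whether the `overload` statement points at a defined source list and at a BRI interface marked `ip nat outside`. The sample config, its addresses, list number 1 and the interface names are constructed assumptions.

```python
import re

# Constructed sample running-config for an 803 (addresses, list number and
# interface names are assumptions, not taken from the thread).
SAMPLE_CONFIG = """\
interface Ethernet0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
interface BRI0
 ip address negotiated
 ip nat outside
!
ip nat inside source list 1 interface BRI0 overload
access-list 1 permit 192.168.1.0 0.0.0.255
"""

# Matches the global command from the release notes, as running-config prints it.
NAT_RE = re.compile(r"^ip nat inside source list (\S+) interface (\S+) overload\s*$", re.I)

def parse_interfaces(config):
    """Map interface name -> list of its indented sub-commands (lower-cased)."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.lower().startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip().lower())
        else:
            current = None  # any unindented line ends the interface block
    return interfaces

def check_nat_overload(config):
    """Return a list of problems; an empty list means the PAT setup is consistent."""
    problems = []
    interfaces = parse_interfaces(config)
    acls = set(re.findall(r"^access-list (\S+) ", config, re.M))  # numbered lists only
    rules = [m for m in map(NAT_RE.match, config.splitlines()) if m]
    if not rules:
        problems.append("no 'ip nat inside source list ... interface ... overload' command")
    for m in rules:
        acl, iface = m.group(1), m.group(2)
        if acl not in acls:
            problems.append(f"source list {acl} is not defined")
        if not iface.lower().startswith("bri"):
            problems.append(f"{iface} is not a BRI interface")
        if "ip nat outside" not in interfaces.get(iface, []):
            problems.append(f"{iface} is missing 'ip nat outside'")
    if not any("ip nat inside" in cmds for cmds in interfaces.values()):
        problems.append("no interface is marked 'ip nat inside'")
    return problems
```

The check covers only the NAT side of the setup; whether the installed IOS release supports IPSec through NAT still has to be confirmed against the release notes.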