Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
742
Views
0
Helpful
2
Replies

VPN SITE TO SITE ON INTERNET BEHIND NATED NETWORK

Gerardo Marciales
Level 1
Level 1

‎03-09-2015 12:32 AM

Hi, I want share a VPN GNS Lab with the community:

 

One network located behind another nated network initiates a VPN client that will establish a secure tunnel enabling bidirectional IP traffic between the sites. 

 

In my blog the complete lab.

 

http://gmarciales.blogspot.com/

 

Regards.

Labels:
0 Helpful
2 Replies 2

shine pothen
Level 3
Level 3

‎03-09-2015 02:45 AM

Yes, we will be able to create VPN tunneling between the sites.

you need to create a static route statement on the client device pointing to the remote branch

create crypto map accesslist with the remote branch ip address

Create NAT Excemption with the Remote branch ip

these steps should make your VPN tunnel to work.

0 Helpful

Gerardo Marciales
Level 1
Level 1
In response to shine pothen

‎03-09-2015 04:40 AM

Hi, thanks for the answer, but this case is not exactly the most frequently site to site, because only one branch can behind the tunnel.

The tunnel in this case can be initialized only for the branch behind the other nated branch.

 

the static route wil be create on demand.

 

nat exceptions (deny)...., hummmm, really, is not necesary, because the remote branch is not nated network, is a private network behind another private network, and the main branch is not necesary doing nat.

 

Like I told, is mot the most frecuently site to site.

 

Best regards.

0 Helpful
Customers Also Viewed These Support Documents