iipsec vpn between cisco routers, using dsl modem(NAT ROUTER)

45 pts.
Tags:
Cisco Routers
IPsec
IPsec VPN
NAT
VPN
VPN design
Hi, I have two office and both office have broadband connection. I would like to know how to connect these sites using (ipsec vpn ) cisco routers through dsl modem connection.Both offices have static IP. I have lab experience in configuring site to site ipsec VPN. Now I am confused about applying 'crypto map' in interface. What type of modem should I need to use? What are the configuration steps I needed? My existing connection topology is modem terminate the dsl connection and it also work as Nat router. Should I need to replace modem ?, Which cisco series routers can I use for SOHO? Please help me....

Answer Wiki

Thanks. We'll let you know when a new response is added.

I would make sure that the dsl modem is configured to pass all protocols, and is not trying to do the VPN itself, that is a common reason for problems. If it still does the nat, that is OK, but also make sure that the nat translates the ‘real’ fixed IP address and forwards that to the ‘private’ ip address of the cisco router.

Then you just do the config for the VPN like you did in the lab, and apply it to the ethernet interface that goes to the dsl modem. The address in the crypto config needs to be the ‘real’ ip address of the other router. Apply it to the interface with the command ‘crypto map {name}’ where {name} is what you called the crypto map, and do this under the interface config.

If you need a more detailed config, let me know and I will try to post it as soon as I can.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Jfernatt
    I think BlankReq's answer is going to be exactly what you need to get yourself working. If on the remote chance your modem will not let you pass the external IP through, the 82X series Cisco routers will terminate XDSL. Good luck.
    605 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following