«

I have a Cisco 2650 w 2 T-1 WICs and IOS 12.3.
We have the internal FA0/1 doing overload NAT.
Does anyone know if it is possible to also create a tunnel between this
router and another Cisco?
Is NAT and tunnelling mutually exclusive?

TIA
Digital Doug

In article <eP2uh.4277$>,
Houston SBC <> wrote:
>I have a Cisco 2650 w 2 T-1 WICs and IOS 12.3.
>We have the internal FA0/1 doing overload NAT.
>Does anyone know if it is possible to also create a tunnel between this
>router and another Cisco?
>Is NAT and tunnelling mutually exclusive?

Not mutually exclusive, No.

I don't know the details for IOS (and I understand it changed within
the last 2 years or so); on Cisco PIX, the trick is that the ACL
that designates the tunnel traffic must describe the traffic after NAT
(for outgoing traffic) or before de-NAT (incoming traffic) -- essentially
must match what would appear on the wire if the tunnels were not
intercepting the packets and encapsulating them.

I think with a site-to-site VPN you have to apply an access-list that denies
your hosts from being NATd so they can cross the link to the other router.

"Houston SBC" <> wrote in message
news:eP2uh.4277$ ...
>I have a Cisco 2650 w 2 T-1 WICs and IOS 12.3.
> We have the internal FA0/1 doing overload NAT.
> Does anyone know if it is possible to also create a tunnel between this
> router and another Cisco?
> Is NAT and tunnelling mutually exclusive?
>
> TIA
> Digital Doug
>
>