ipsec tunnel using pix and cisco behined dsl router

Discussion in 'Cisco' started by jcharth@hotmail.com, Jun 27, 2005.

  1. Guest

    Hello company uses a dsl router call cayman63, i believe it is cable of
    mapping the statically assign ip of the dsl provider to the cisco
    router interface. Is this necessary to establish an ipsec tunel? or can
    it be done using mapping the external interface/ port to the a router
    behind a cheap dsl router.

    Thanks
    , Jun 27, 2005
    #1
    1. Advertising

  2. Guest

    Hi
    Generally ipsec needs a dedicated static ip address to form tunnel and
    pass data .
    What kind of Ipsec tunnel are we building here ..lan to lan or remote
    access vpn ?

    In remote access vpn , using nat tranparency feature on VPN gateway and
    vpn client ...u can bypass any nat device in between .

    HTH
    SH
    , Jun 28, 2005
    #2
    1. Advertising

  3. Guest

    Thanks for the reply it is a tunnel between a remote site using a cisco
    17xx series and a pix firewall. I believe the feature that maps the
    external ip of the adsl router to the ciscorouter is call ipmaps, i did
    not find much documentation about this, it is probably called nat
    transparency. Ive tried mapping the ports of my dsl router at home to a
    linux box but i havent been ablet to create my first tunel, i will try
    with a cisco router that i have sitting around tonight.
    , Jun 28, 2005
    #3
  4. Guest

    Yes you are correct . This will work for cisco router and PIX provided
    your dsl router supports nat transparency .
    Cisco IOS supporting Nat transparency is above 12.2(13T) ( enabled by
    default) and PIX code is 6.3 (u will have to put command "nat-t" ) .
    The tunnel then uses two ports udp 500 (ike) and udp 4500 ----normally
    it is udp500 and esp .
    HTH
    SH
    , Jun 29, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Ireland
    Replies:
    1
    Views:
    1,021
    Claude LeFort
    Nov 11, 2003
  2. a.nonny mouse
    Replies:
    2
    Views:
    1,054
  3. AM
    Replies:
    7
    Views:
    4,377
    kh_alex81
    Jul 19, 2007
  4. Aun  Raza
    Replies:
    10
    Views:
    6,547
    aunraza
    Mar 23, 2005
  5. Mephesto
    Replies:
    0
    Views:
    994
    Mephesto
    Jun 29, 2005
Loading...

Share This Page