SecuRemote (CP VPN client) behind Cisco Router with NAT enabled

Discussion in 'Cisco' started by Nick Brandson, Jul 26, 2004.

  1. dear guru,

    Completely new to Cisco world.
    did anyone try to use SR behind a Cisco Router with NAT enabled of a
    pool of routable IP.

    SR --> Router (NAT)--> Internet --> VPN-1

    Any settings have to be done in our router? (IPSEC passthru?
    Fragmentation?)

    or the IP of my SR has to be a static NATed?

    Tried to connection to the VPN-1 gateway, auth successfully, however,
    cannot access the server farm in the VPN domain and cannot even ping
    those servers.

    Tried to do the test at home behind a broadband router and it worked
    perfectly fine.

    Seems it's not the problem of the VPN-1 settings...

    Something related to my Cisco router.

    any ideas will be appreciated.

    thanks
    Nick
     
    Nick Brandson, Jul 26, 2004
    #1
    1. Advertising

  2. In article <>,
    Nick Brandson <> wrote:
    >dear guru,
    >
    >Completely new to Cisco world.
    >did anyone try to use SR behind a Cisco Router with NAT enabled of a
    >pool of routable IP.
    >
    >SR --> Router (NAT)--> Internet --> VPN-1
    >
    >Any settings have to be done in our router? (IPSEC passthru?
    >Fragmentation?)
    >
    >or the IP of my SR has to be a static NATed?


    No.

    >Tried to connection to the VPN-1 gateway, auth successfully, however,
    >cannot access the server farm in the VPN domain and cannot even ping
    >those servers.
    >
    >Tried to do the test at home behind a broadband router and it worked
    >perfectly fine.
    >
    >Seems it's not the problem of the VPN-1 settings...


    Allowing the correct ports ? Your mileage may vary, these are for NG.

    [inbound from Internet]

    access-list 101 permit esp any host <Firewall IP Addr>
    access-list 101 permit udp any host <Firewall IP Addr> eq isakmp
    access-list 101 permit udp any host <Firewall IP Addr> eq 259
    access-list 101 permit tcp any host <Firewall IP Addr> eq 500
    access-list 101 permit tcp any host <Firewall IP Addr> eq 264
    access-list 101 permit udp any host <Firewall IP Addr> eq 2746
    access-list 101 permit tcp any host <Firewall IP Addr> eq 18231
    access-list 101 permit udp any host <Firewall IP Addr> eq 18233
    access-list 101 permit udp any host <Firewall IP Addr> eq 18234


    alan
     
    Alan Strassberg, Jul 26, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jeff

    Wireless connection and VPN-1 Securemote

    Jeff, Jul 18, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,854
  2. Corbin O'Reilly
    Replies:
    2
    Views:
    3,194
    Corbin O'Reilly
    May 26, 2004
  3. z400d3
    Replies:
    0
    Views:
    498
    z400d3
    Feb 28, 2005
  4. Tomi
    Replies:
    3
    Views:
    1,953
  5. D K
    Replies:
    4
    Views:
    477
Loading...

Share This Page