[c-nsp] Tunneling through NAT

TT teepon at gmail.com
Tue Apr 8 02:55:24 EDT 2008


Hello all,

It seems all the material on the subject of tunneling through NAT I
can find don't have two IOS boxes with the NAT between them, so now
I'm asking for guidance on this.

As said, I've got two IOS routers. The first one (let's call it R1) is
in the internet, with public IP's and all. The other one, R2, is
behind a 1:1 NAT, so one public IP mapped staticly to a single RFC
1918 address. Now what I need, is to route the IP subnet behind R2 to
the internet via R1. That subnet has public IP's, so there's no need
for NAT or anything like that. Apparently I'll need some kind of a
tunnel between the routers, perhaps IPSec, and then static routes over
that. GRE would be nice as there's no need for encryption, but if I
remember correctly, it doesn't have NAT-traversal capabilities.

The problem with example material is that all I can find assumes both
ends of the tunnel have public IP's and no NAT between them. Naturally
if this scenario has been discussed before, any pointers to example
configs etc will be appreciated.

Yours,
Tero


More information about the cisco-nsp mailing list