[c-nsp] Tunnel from a Cisco behind NAT
Brett Looney
brett at looney.id.au
Sun Jan 4 19:12:32 EST 2009
> I have a Cisco device that is behind a NAT router already and I am
> wishing to make a tunnel to another router which is live.
I have done this with IPSEC. If the NAT is not static (i.e. you can't
initiate a session to the router behind the NAT) then you can only bring up
the tunnel from that router but it does work...
The only caveat is that some NAT devices don't NAT IPSEC correctly but I
haven't found any like that for a few years now. Plus, you can enable NAT-T
and that helps in most cases.
B.
More information about the cisco-nsp
mailing list