Header

Sections

Syndication

Blogroll:

||||| ALL Cisco-Network ARTICLES |||||
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : NAT Interoperability Support

Email to a friend email

email

Print version print

print

NAT Interoperability Support

Oct 18,2009 by alperen

small font

medium font

large font

NAT Interoperability Support

With the Easy VPN Client, the features automatic NAT and access list configuration replaced any existing NAT and access list configuration. If a tunnel timed out or dropped its connection, the NAT and access configuration were removed automatically, preventing any Internet access even to nontunnel destinations.

Cisco Easy VPN Remote Phase Two supports interoperability with locally configured NAT. When the IPSec VPN tunnel is down, the router automatically restores the previous NAT configuration. Users can continue to access nontunnel Internet connections when the tunnel times out or disconnects.

Local Address Support for Easy VPN Remote

Easy VPN Remote Phase Two provides an interface configuration option, which makes it possible to specify the interface to use in determining the IP address as the source of VPN tunnel traffic. Typically, the loopback interface is the interface used to source tunnel traffic. The syntax is as follows:

Rtr1(config)#crypto ipsec client ezvpn name
Rtr1(config-crypto-ezvpn)#local-address interface-id

The following example shows the local-address subcommand used to specify the loopback0 interface for sourcing tunnel traffic:

Rtr1#config t Rtr1(config)#crypto ipsec client ezvpn telecom-client
Rtr1(config-crypto-ezvpn)#local-address loopback0 Rtr1(config-crypto-ezvpn)#

Related news

» Phase Two Features-Manual Tunnel Control
by alperen posted on Oct 18,2009
» Peer Host Name Enhancement
by alperen posted on Oct 18,2009
» Simultaneous Easy VPN Client and Server Support
by alperen posted on Oct 18,2009
» Step 3-5 Apply the Crypto Maps to the Interface
by alperen posted on Sep 27,2009
» Easy VPN Remote Phase Two
by alperen posted on Oct 18,2009

Did you enjoy this article?

(total 0 votes)

comment

Comments (0 posted)

More Top News

CCSP-Cisco Certified Security Professional

Cisco SAFE Implementation

Preparation Documents

Skills Required for the Exam

Cisco SAFE Implementation Questions and Answers

Access Control Lists Cisco

Access List Basics

Standard Access Lists

Extended Access Lists

TCP Access Lists

UDP Access Lists

ICMP Access Lists

Named Access Lists

Signature and Alarm Management Review

Signature and Alarm Management Review Questions and Answers

Managing Alarms

Event Viewer Customization

Preference Settings

Sensor Installation

Connecting to Your Network Sensor Appliance

Sensor Bootstrap

Sensor Installation and Configuration Review

Sensor Installation and Configuration Questions and Answers

Signature and Alarm Management

CIDS Signatures

Signature Series

Signature Implementations

Signature Classes

Signature Types

Signature Severity

Most Popular

Privilege Levels

Managing the Router's ARP Cache

Configuring SIP on a Cisco Router

IDS Signatures Grouped by Software Release Version

Most Commented

Exploring the Navigation Bar

Site Qualification Test (SQT)

PDAs as Diagnostic Tools

Featured Author

alperen