IPSec Thru a Firewall
[Figure: network topology diagram. Recoverable labels: R2 E0/0 (.2) on 192.1.20.0/24; R3 E0/0 (.3) on 192.1.30.0/24; firewall Outside G0/0 (.10) on 192.1.10.0/24 and Inside G0/1 (.10) on 10.11.11.0/24; R1 E0/0 (.1); R4; networks 10.1.1.0/24, 10.4.4.0/24 and 192.1.40.0/24.]

IPSec Tunnel 1 – R1 [192.1.10.1] – 192.1.20.2
Interesting Traffic – 10.1.1.0/24 <-> 10.2.2.0/24

IPSec Tunnel 2 – R3 [192.1.40.4] – 192.1.30.3
Interesting Traffic – 10.4.4.0/24 <-> 10.3.3.0/24
Tunnel 1 - NAT-T
R1 R2
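! Static NAT for R1: inside 10.11.11.1 is presented as 192.1.10.1 on Outside
object network R1
 host 10.11.11.1
 nat (Inside,Outside) static 192.1.10.1
!
! Permit IKE (UDP 500) and NAT-T (UDP 4500) from R2 to R1's real address
access-list OUTSIDE permit udp host 192.1.20.2 host 10.11.11.1 eq 500
access-list OUTSIDE permit udp host 192.1.20.2 host 10.11.11.1 eq 4500
!
access-group OUTSIDE in interface Outside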
Tunnel 2 – Without NAT-T
R4 R3