ipsec issue

Hi guys,

Please help me with a issue

1.1.1.1----- 1.1.1.2 ROUTER FA4 2.2.2.2-----2.2.2.1 ADSL ROUTER ---INTERNET
----------------------------------- ipsec termination - 5.5.5.5

Requiremnets -
1) 1.1.1.1 access server 5.5.5.5 ( server ) after establishing ipsec
2) 1.1.1.1 access internet
3) 2.2.2.0/24 nating to a public ip given by ISP done on ADSL router
4) People from outside should access 2.2.2.5<<<<this ip should point to
1.1.1.1

config ---

ip cef
!
!
!
!
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
 lifetime 28800
crypto isakmp key EX(epT!0n21Iye address 100.100.100.100
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set TEST esp-3des esp-sha-hmac
!
crypto map VPN 20 ipsec-isakmp
 set peer 100.100.100.100
 set security-association lifetime seconds 86400
 set transform-set TEST
 match address 101
archive
 log config
  hidekeys
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address 2.2.2.2 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 crypto map VPN
!
interface Vlan1
 ip address 1.1.1.2 255.255.255.240
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 2.2.2.1
!
no ip http server
no ip http secure-server
ip nat inside source route-map nonat interface FastEthernet4 overload
ip nat inside source static 1.1.1.1 2.2.2.5
!
access-list 101 permit ip 1.1.1.0 0.0.0.255 host 5.5.5.5
access-list 102 deny ip 1.1.1.0 0.0.0.255 host 5.5.5.5
access-list 102 permit ip 1.1.1.0 0.0.0.255 any
!
!
route-map nonat permit 10
 match ip address 102
!

Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 16 2010 - 17:22:50 ART