Mainly on devices which does the NATing, try the tunnel under debug and it
should tell you what the problem is...
Regards,
Nish
On Sat, Jul 31, 2010 at 1:12 PM, DN817 <ndheeraj.ccie_at_googlemail.com> wrote:
> Thanks, Nish.
> Do we need IPSec Passthrough on the device doing NAT or on the end CE
> routers?
>
> Unfortunately NAT is done by service provider and we don't have control on
> those devices.
>
> Regards,
> DN
>
> On Sat, Jul 31, 2010 at 1:03 PM, Nish Vamadevan <ipnish_at_gmail.com> wrote:
>
> > Should be able to as long as IPSec Passthrough is enabled on both devices
> > and Protocol 50/50 and Port 500 isin't blocked... Then, you should be
> able
> > to form tunnels...
> >
> > Regards,
> > Nish
> >
> > On Sat, Jul 31, 2010 at 12:53 PM, DN817 <ndheeraj.ccie_at_googlemail.com
> >wrote:
> >
> >> Hi Experts,
> >>
> >> I am trying to run IPSEC between an Internet router(with public IP
> >> address)
> >> and another router which got access to internet over a 3G mobile
> network.
> >> The 3G provider only assigns private address but is static NATed to a
> >> public
> >> IP address with in their cloud.
> >>
> >> Please advise whether it is possible to run IPSEC between these 2
> routers
> >> over the internet.
> >>
> >> R1(IP=80.x.x.x) == INTERNET == 3G Network (where IP 10.1.1.1 is NAT ed
> to
> >> 90.x.x.x) == 3G Device with WAN IP - 10.1.1.1
> >>
> >> Thanks,
> >> DN
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sat Jul 31 2010 - 13:21:32 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART