Hello,
I am in an environment that has multiple users which VPN into our network using Cisco 871 routers. We are currently using EZVPN for them today.
The problem that I am running into is the person who orginally had this setup, configured it so the users are behind a NAT on the 871. This prevents us from getting directly to the devices behind the router. The end users have a Cisco 7940 phone and computer at their locaiton.
Because of this config, we are unable to remote desktop as well as the remote users are not able to call one another through their Cisco phones. This appears to be because of the NAT.
I am unable to change the config on our ASA box because it is too critical for us to try changing any configs on it. I am also not able to setup new routes because once again some of the equipment is too critical to try testing with trial and error=) So, I still need to remain behind a NAT.
So, what I am looking to do is when the EZVPN connects, I would like it to grab two ip addresses from our ASA box. So, the Cisco 871 would have two outside addresses configured on loopback interfaces. Right now, by default the Cisco routers grab only one IP address for loopback. If I can get it to grab two, I can just setup direct static routing without needing to do any port forwarding.
Is this possible to setup?
Start Free Trial
