DMVPN behind a NAT device?

Is it possible to setup a DMVPN router behind a NAT device? I want to use a 1811 behind my Linksys router so I can still have my home network along side my office one... I spoke with some consultants and they all mentioned it was not possible. I think that their must be a way for a home user to separate his home network from his work network... DTLokee I am sure you will chime in.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

mikej412

LOkrasa wrote:

I spoke with some consultants and they all mentioned it was not possible.

You might want to find some new consultants.

DMVPN: Dynamic Tunnels Between Spokes Behind a NAT Device

Since 12.(2)SXE

It is not uncommon to situate a remote DMVPN spoke behind a NAT box, where a Port Address Translation (PAT) is enabled. When the DMVPN spokes need to send a packet to a destination (private) subnet behind another spoke, they query the Next Hop Resolution Protocol (NHRP) server for the real (outside) address of the destination spoke. The DMVPN hub maintains a NHRP database of the tunnel endpoints and the physical address of the spokes.

Figure 3 illustrates that it is typical for spokes in a DMVPN cloud to be given the same physical address by the NAT boxes sitting in front of them. As the spokes often times have no control over the addresses provided to them by the ISP, DMVPN was enhanced to work for spokes behind a NAT Box.

Figure 3. NAT Transparency Aware DMVPN

LOkrasa

BIG Thanks Mike... I think I need to find a new friend in google. My apologies... I got some new fun reading to do!