DMVPN behind a NAT device?

LOkrasaLOkrasa Member Posts: 343 ■■■□□□□□□□
in CCNP
Is it possible to setup a DMVPN router behind a NAT device? I want to use a 1811 behind my Linksys router so I can still have my home network along side my office one... I spoke with some consultants and they all mentioned it was not possible. I think that their must be a way for a home user to separate his home network from his work network... DTLokee I am sure you will chime in. ;)
· Share on FacebookShare on Twitter

Comments

  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    LOkrasa wrote:
    I spoke with some consultants and they all mentioned it was not possible.
    You might want to find some new consultants.

    DMVPN: Dynamic Tunnels Between Spokes Behind a NAT Device

    Since 12.(2)SXE 
    It is not uncommon to situate a remote DMVPN spoke behind a NAT box, where a Port Address Translation (PAT) is enabled. When the DMVPN spokes need to send a packet to a destination (private) subnet behind another spoke, they query the Next Hop Resolution Protocol (NHRP) server for the real (outside) address of the destination spoke. The DMVPN hub maintains a NHRP database of the tunnel endpoints and the physical address of the spokes.

Figure 3 illustrates that it is typical for spokes in a DMVPN cloud to be given the same physical address by the NAT boxes sitting in front of them. As the spokes often times have no control over the addresses provided to them by the ISP, DMVPN was enhanced to work for spokes behind a NAT Box.

    Figure 3. NAT Transparency Aware DMVPN
    cdccont_0900aecd80281db2_0900aecd80281db2-3.jpg
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • LOkrasaLOkrasa Member Posts: 343 ■■■□□□□□□□
    BIG Thanks Mike... I think I need to find a new friend in google. My apologies... I got some new fun reading to do!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.