I've configured a VPN (IPSec) between 2 sites on Cisco 881-K9.
The server "A", which have the address 192.168.0.X must be reachable on port 3389 from public network.
I've configured forwarding ports with the command:
ip nat inside source static TCP 192.168.0.X 3389 interface fastethernet 0 3389
The server is reachable from outside, from the site in which it is located.
But there is an issue with the second site:
- I can ping the server with its local address 192.168.0.X
- But telnet to port 3389 unreachable.
Resolurion: (conditional port-forwarding)
ip nat inside source static tcp 192.168.0.X 3389 x.x.x.x 443 route-map VPN
access-list 107 deny ip 192.168.0.X 0.0.0.255 any
access-list 107 permit ip any any
route-map VPN permit 10
match ip address 107