White Paper Abstract:
This sample configuration shows you how to:
(a) Encrypt traffic between two private networks (10.1.1.x and 172.16.1.x).
(b) Assign a static IP address (external address 200.1.1.25) to a network device at 10.1.1.3
You use access lists (ACLs) to tell the router not to do Network Address Translation (NAT) to the private-to-private network traffic, which is then encrypted and placed on the tunnel as it leaves the router. There is also a static NAT for an inside server on the 10.1.1.x network is this sample configuration. This sample configuration uses the route-map option on the NAT command to stop it from being NAT'd if traffic for it is also destined over the encrypted tunnel.