PAT to endpoint

Unanswered Question
Nov 9th, 2007

Our company is going to create an "iVPN" with a partner. The partner company requires:

1. "Model of vpn firewall" (they are using Checkpoint, we use ASA 5510)

2. "One public ip for the partner endpoint"

3. "The public ip addresses inside that tunnel or you can PAT to that endpoint ip"

Number three is what I don't understand. I have setup several l2l and remote vpn's for our network, but I'm not sure exactly what they are requesting.

Can anyone shine some light on this?

TIA!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Sat, 11/10/2007 - 11:49

Hi

I suspect what they are saying is that they do not want to see the source IP addresses of your clients so they are expecting you to either

1) Use a separate public IP address and PAT all your source IP addresses to that one IP address

2) PAT all your source IP addresses behind the public IP address attached to the outside interface of your ASA5510.

Some companies i have setup VPN's with insist on only receiving public IP addresses through the VPN tunnel.

HTH

Jon

Actions

This Discussion