IPSEC VPN terminating through a NAT

Unanswered Question

Situation: currently using Sidewinder firewall for security; want to use ASA 5510 for IPSEC and SSL VPN. ADo not want parallel connections. Would rather place ASA in DMZ behind Sidewinder.

Question: Having trouble establishing IPSEC VPN. The Sidewinder is NATting the Public IP address to private before the ASA receives the packet. Is this a problem, a show-stopper, or a distraction from my real config issue?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Tue, 02/03/2009 - 16:54
User Badges:
  • Cisco Employee,

If you have the proper nat rules there should be no problem on establishing the tunnel, remember that you need to allow udp 500, 4500 and ESP protocol going through your Sidewinder. When doing this, what is showing up on the debugs of your ASA?


This Discussion