question about site to site vpn(one site is public address,the other site is private address)

Unanswered Question
Sep 24th, 2010

network environment is that:

ASA ----- Internet -------C2811

ASA connect Internet by ISP (special line), and  has an fixed public address(eg: 221.x.x.x)

C2811 connect Internet by ISP (ADSL line), it will dial by PPP, and is assigned an private address.(eg:10.x.x.x, address is not fixed)

The private address will NAT by ISP to access Internet. (global public address is not fixed also)

Now we need create site to site vpn, between ASA and C2811. How to do it?  Thank you very much.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Sat, 09/25/2010 - 15:12

As I read the original post I believe that there are 2 parts to the requirements. One part is the establishing of VPN between a dynamic address and a static address. The first response gives a good solution for that. But the second part is that the dynamic address is in private address space and will be translated by the provider on the way out. I wonder if translation of the source address will make problems in verifying the encrypted packet at the receiving ASA?




This Discussion

Related Content