IPSEC tunnel through another firewall

Unanswered Question
Oct 27th, 2013
User Badges:


We are currently planning to add a perimeter firewall (Cisco ASA). We have concern on the IPSEC tunnel currently established on existing firewall (Cisco ASA).   

Below is a simple representation of how the current setup and future setup:-

External site   -> Internet ->   Cisco ASA -> Internal network

                     (IPSEC tunnel)

External site  -> Internet ->  Cisco ASA ->  Cisco ASA -> Internal network

                      (            IPSEC Tunnel      )   

Both the new firewall and existing firewall will have public IP. We will configure access list to allow IPSEC on new perimeter firewall and exclude the current firewall external IP from PAT.

Is there anything need to take care of ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Michael Muenz Mon, 10/28/2013 - 02:13
User Badges:
  • Silver, 250 points or more
  • Community Spotlight Award,

    Best Publication, April 2016

When both have a public IP there won't be any issue with IPSec


Please rate all helpful posts


This Discussion