I need to make this VPN on my firewall (the outside interface of my firewall is the gateway):
(IP distant Endpoint - IP distant Gateway)---(My Router - My firewall - IP of my server, which is my endpoint)
My router has a very simple config: it has 2 ports, one port on the internet, another one also with a real IP, connected to the firewall. Basically there is a default route that forwards all the packets to the next hop on the internet (the provider gateway).
I possess 5 ethernet interfaces on my firewall, 3 of them are working: (1 outside with real IP), (1 inside with local IPs (PAT)) and (1 intf3 with my second range of real IPs which I created just for my VPN). I possess 2 ranges of real IPs of 6 real IPs each.
outside security: 0, inside 100, intf3 6
I already have 1 VPN established between one host on my inside interface and a distant host.
My first problem is that I can't access the internet using hosts related to intf3. I don't understand why. The IPs on intf3 are all real. On the firewall there is a default route to my router. On the router a default route to my provider... The internet works fine for my natted interface.
Do I need to use natting to make a connection to the outside?! I mean, a firewall can be used to isolate networks.
If anyone is interested in helping me, I could provide my config in private.
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...