Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
800
Views
0
Helpful
3
Replies

IPSEC tunnel with a router behind the firewall.

skhan
Level 1
Level 1

‎10-09-2001 04:04 PM - edited ‎02-21-2020 11:26 AM

Hi ,

I am looking for a config example for an ipsec configuration where the router resides behind the firewall or in a dmz connecting to another private network over the internet.

Could some please help.

Labels:
0 Helpful
3 Replies 3

wjulia
Level 1
Level 1

‎10-09-2001 05:46 PM

Basically, all you need is the router configuration, which you can find here: http://www.cisco.com/warp/customer/707/index.shtml#ipsec.

For the firewall, you need something like the following:

access-list 101 permit esp any host

access-list 101 permit isakmp any host

access-group 101 in interface outside

0 Helpful

skhan
Level 1
Level 1
In response to wjulia

‎10-10-2001 09:12 AM

Does the ipsec router need to sit in the DMZ or the Private Internal Network. If it needs to set in the internal network how would the config look. Is there a config example to that regard, still being behind the firewall.

Where do customers normally have their ipsec router placed keeping in mind security ?

0 Helpful

joyce-qu
Level 1
Level 1
In response to wjulia

‎10-16-2001 12:26 AM

Hi, wjulia

I have the same problem of config an IPSec behind firewall or in DMZ. but I cannot access the site you recommanded. Would you be kind enough to E-mail me a sample configuration? Thank you in advance.

Quzhj@sina.com

0 Helpful
Customers Also Viewed These Support Documents