redirecting incoming traffic to vpn connected networks
at the central site we have 1811 router with established few static vpn ipsec tunnels. At the remote sites we have 831 routers. Is there any way to redirect certain incoming traffic (based on tcp ports) from outside at the central place, directly to networks connected through vpn? All private network addresses are different and the incoming traffic is landing through static nat on the internal host at the central site. How can I redirect this traffic into some vpn tunnel?
Re: redirecting incoming traffic to vpn connected networks
Sorry for confusion, here is some additonal info:
1. Current scenario:
central site is receiving the traffic from Internet on external ip f.ex 18.104.22.168 This traffic is static nat to internal host 192.168.160.25 ; this traffic is using many specified tcp ports;
the central site has laso 5 fixed ipsec vpn tunnels with their networks f. ex. 10.110.0.0, 10.120.0.0, 10.130.0.0 etc.
eliminating the need of the internal host 192.168.160.25, instead redirecting the traffic directly to networks 10.110.0.0, 10.120.0.0, 10.130.0.0 etc. based on the tcp ports used. F.ex ports tcp range 2000 - 2010 redirect to 10.110.0.0,
ports tcp range 2000 - 2020 redirect to 10.120.0.0 etc.
I hope that would clear well the question I asked.
In the current scenario there is no such problem because all the interested traffic is handled at the central site, because of changing the structure we need to find out the new solution.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...