I'm trying to set up a network with the following design and wanted to see if there would be any problems with remote users being able to make a VPN to the Cisco router configured as a VPN endpoint. My design is attached as a JPG file and VPN clients would use a pool of addresses configured on the Cisco 1720 (configured as a VPN endpoint) and would be something like 10.10.10.150 - 10.10.10.200. These VPN users need to access the servers on the 10.10.10.0 subnet
My question/concern is will having the Sonicwall firewall performing NAT cause a problem with VPN clients connecting to the Cisco 1720 router (configured as a VPN endpoint)?
I was going to configure a static NAT on the Sonicwall firewall so that VPN clients would connect to a 200.200.200.x address and the Sonicwall firewall would then NAT this to a 192.168.0.x address on the Cisco router. Will this NAT affect the ISAKMP/IPSec traffic and not successfully establish the VPN
Do you have a sample configuration (router and/or VPN) that I could reference for this type of setup?
However NAT a IPSEC is not a problem as long as your firewall supports it. The Cisco 1720 won't know the differance. You need to make sure your Sonic Firewall supports it. And yes you need to have a static nat for it to work properly. We currently use ( I hate it but=) a checkpoint FW that NAT's the IPSEC traffic to a VPN concentrator and that works just fine. BUT we did have issues with it cause the firewall wasn't really doing it's NAT job.
So my suggestion is to assign the C1720 a Public IP if possible.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...