Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Can Peer IPSec IP participate in the encrypted domain?

Hi guys,

I have a doubt. Can the IP used to close the IPSec VPN be used in encrypted domain?

I appreciate your help.

6 REPLIES
Super Bronze

Can Peer IPSec IP participate in the encrypted domain?

Hi,

If you are asking that can the VPN devices public IP address be used as the source IP address for traffic in the actual L2L VPN connection then the answer is yes.

Even though we usually dont do this we still have such setups in on some customers.

Hope this helps

- Jouni

Community Member

Can Peer IPSec IP participate in the encrypted domain?

The scenario is that in one side I have a ASA firewall, where I don´t need to use the same ip to close the IPSec and originate the traffic. But we are closing the VPN with a Linux server directly, where it has only one IP, a public IP. So, in this Linux server I need to use this unique IP to establish the IPSec VPN and to originate the traffic of the application. I need to know if it is possible.

Super Bronze

Can Peer IPSec IP participate in the encrypted domain?

Hi,

If this was a question regarding the ASA having the single public IP address for both peer IP and source in Encryption Domain then I could say it would work.

I would expect it to work with the Linux server also but I can't say for sure and I am not sure if anyone else can say either unless they have used such setup.

Might get an answer easier on some discussion more focused on Linux.

- Jouni

Community Member

Hi,I can confirm that it

Hi,

I can confirm that it works.  We have configured a standalone Linux server with openswan connecting with the ASA in a Site-to-Site VPN configuration. 

Colin

Community Member

For Site-to-Site VPN.Can you

For Site-to-Site VPN.

Can you tell me,if we can use the Public IP address (Outside interface ip address on which Tunnel is terminating) in the Encryptino Domain as Source ?

Community Member

Hi, I have the same question

Hi,

 

I have the same question which Purva.Kate has. Can anyone please confirm if it works or not?

 

For Site-to-Site VPN.

Can you tell me,if we can use the Public IP address (Outside interface ip address on which Tunnel is terminating) in the Encryptino Domain as Source ?

 

1444
Views
0
Helpful
6
Replies
CreatePlease to create content