Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ipsec between VPN 3000 concentrator and internal Radius server

I want to do an Ipsec tunnel between VPN 3000 concentrator and internal Radius server to encrypt PAP authentication. In this device, WebVPN uses PAP and there is no option to change it.

The problem is that you can only do IPsec tunnels from the public interface and I need to do from the private interface to an internal network server. There is a check box to make the private interface as public, but Cisco recommends having only one public interface.

Is there any problem having the internal interface as public?

Any other solution?

Thanks

1 REPLY
New Member

Re: Ipsec between VPN 3000 concentrator and internal Radius serv

No issue of having public IP on internal interface if you have solid perimeter security infrastructure.

But the recommendation is to use non-routable public IP on inernal interface.

108
Views
0
Helpful
1
Replies
CreatePlease login to create content