Situation: currently using Sidewinder firewall for security; want to use ASA 5510 for IPSEC and SSL VPN. ADo not want parallel connections. Would rather place ASA in DMZ behind Sidewinder.
Question: Having trouble establishing IPSEC VPN. The Sidewinder is NATting the Public IP address to private before the ASA receives the packet. Is this a problem, a show-stopper, or a distraction from my real config issue?
If you have the proper nat rules there should be no problem on establishing the tunnel, remember that you need to allow udp 500, 4500 and ESP protocol going through your Sidewinder. When doing this, what is showing up on the debugs of your ASA?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...