Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
859
Views
10
Helpful
4
Replies

VPN Design - router with only 1 network interface

rts-net-support
Level 1
Level 1

‎08-10-2006 11:55 PM

Hello all,

This may sound like a dumb question. We need to set up a new VPN connection to a customer and they have an IPSEC capable router with only 1 network interface. It has a private IP, the router is placed in a DMZ.

Is it possible to terminate a VPN connection on that router ? Or you need 2 network interfaces (one private, one public) ?

Thanks in advance,

Stefan

Labels:
0 Helpful
4 Replies 4

abdel_n
Level 1
Level 1

‎08-11-2006 05:16 AM

Hi,

You know what i have just tried to assign a crypto map to a subinteface with dotq encapsulation and the router accepted it and enabled ISAKMP on it!

So with another subinterface with another dotq vlan encapsulation i guess you can terminate a vpn connection to the first one and forward decrypted traffic to the second.

I will try this later and i will post results as soon as i've done it (if it work of caurse)

0 Helpful

rts-net-support
Level 1
Level 1
In response to abdel_n

‎08-11-2006 07:25 AM

Interesting. Please, post results with some configuration examples, when you have them ;)

Thanks,

Stefan

0 Helpful

abdel_n
Level 1
Level 1
In response to rts-net-support

‎08-11-2006 05:51 PM

Hi Stefan,

Here is the configuration with some explanations.

I hope this will help you.

27311-SITE TO SITE CONNECTION WITH SUB.swf

rts-net-support
Level 1
Level 1
In response to abdel_n

‎08-13-2006 10:52 PM

That's an excellent explanation, thanks a lot.

0 Helpful
Customers Also Viewed These Support Documents