Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
0
Helpful
3
Replies

is public IP to NATed private IP site-to-site VPN possible?

sivakondalarao
Level 1
Level 1

‎03-27-2006 01:21 AM - edited ‎03-03-2019 12:11 PM

Hi,

My customer having two sites. At one site DSL is directly connected to firewall, it got fixed public IP.

Another site Internet is terminated on Broadband router, this public IP is used for internal clients and firewall.

Now I want to setup site-to-site VPN in between public IP firewall and private IP firewall. is it possible?

Any suggestion in advance is appreciated.

Regards

skrao

Labels:
0 Helpful
3 Replies 3

m.sir
Level 7
Level 7

‎03-27-2006 02:24 AM

Its possible only with port forwarding to firewall private IP - you must forward UDP port 500 (IKE) and UDP 4500 for nat-traversal

it shloud be something like this

On broadband router

ip nat inside source static UDP private_firewall_IP 500 PublicIP_router 500

ip nat inside source static UDP private_firewall IP 4500 PublicIP_router 4500

and

On routers Public interface

ip nat outside

On routers Public interface

ip nat inside

0 Helpful

sivakondalarao
Level 1
Level 1
In response to m.sir

‎03-27-2006 02:53 AM

Thanks for your reply.

broadband router is not in my control to configure NATing.

is there any other way without touching broadband router to setup site-to-site VPN.

Regards

skrao

0 Helpful

m.sir
Level 7
Level 7
In response to sivakondalarao

‎03-27-2006 04:46 AM

So Iam affraind there is now way - when you configure IPsec tunnel both endpoints must be reachable through internet

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card