03-27-2006 01:21 AM - edited 03-03-2019 12:11 PM
Hi,
My customer has two sites. At one site, DSL is directly connected to the firewall; it has a fixed public IP.
At the other site, the Internet is terminated on a broadband router; this public IP is used for internal clients and the firewall.
Now I want to set up a site-to-site VPN between the public IP firewall and the private IP firewall. Is it possible?
Any suggestion in advance is appreciated.
Regards
skrao
03-27-2006 02:24 AM
It's possible only with port forwarding to the firewall's private IP - you must forward UDP port 500 (IKE) and UDP 4500 for NAT traversal.
It should be something like this:
On broadband router
ip nat inside source static UDP private_firewall_IP 500 PublicIP_router 500
ip nat inside source static UDP private_firewall_IP 4500 PublicIP_router 4500
and
On the router's public interface
ip nat outside
On the router's public interface
ip nat inside
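The port forwarding from the reply above, written out as a complete router fragment. This is an added example, not part of the original post: the interface names, the documentation-range addresses and the OUTSIDE-IN access list (which limits the forwarded ports to the remote firewall) are assumptions.

```cisco
! Constructed values, not taken from the thread:
!   198.51.100.2  = router public IP     (PublicIP_router in the post)
!   192.168.1.2   = firewall private IP  (private_firewall_IP in the post)
!   203.0.113.10  = remote firewall's fixed public IP
! The existing NAT rule for internal clients is left out.
!
interface GigabitEthernet0/0
 description WAN, faces the Internet
 ip address 198.51.100.2 255.255.255.252
 ip nat outside
 ip access-group OUTSIDE-IN in
!
interface GigabitEthernet0/1
 description LAN, faces the firewall and internal clients
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
! Static port forwards: IKE (UDP 500) and NAT traversal (UDP 4500).
ip nat inside source static udp 192.168.1.2 500 198.51.100.2 500
ip nat inside source static udp 192.168.1.2 4500 198.51.100.2 4500
!
! The inbound ACL is evaluated before NAT, so it matches the public address.
! Only the known VPN peer may reach the forwarded ports.
ip access-list extended OUTSIDE-IN
 permit udp host 203.0.113.10 host 198.51.100.2 eq 500
 permit udp host 203.0.113.10 host 198.51.100.2 eq 4500
 deny   udp any host 198.51.100.2 eq 500
 deny   udp any host 198.51.100.2 eq 4500
 permit ip any any
!
! Check the static entries after applying:
!   show ip nat translations
```

With NAT traversal the ESP traffic is carried inside UDP 4500, so no separate forward for IP protocol 50 appears here.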
03-27-2006 02:53 AM
Thanks for your reply.
The broadband router is not in my control to configure NATing.
Is there any other way, without touching the broadband router, to set up a site-to-site VPN?
Regards
skrao
03-27-2006 04:46 AM
So I am afraid there is no way - when you configure an IPsec tunnel, both endpoints must be reachable through the Internet.