doing vpn on 2811 with 2811 on private natted ip..possible?|
|
|
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||
|
Posted by Anthony J. Biacco on September 9, 2008, 12:38 pm
Please log in for more thread options
Hi, Background.. I have a cisco 2811 router that i'm currently using as my router/ firewall/vpn concentrator. I have a ADSL line hooked into it with qwest and a block of static ips. it does natting in/out,out/in, and VPN users connect to one of the statics on it to get on the corporate network (and get a private 192.168.167.x ip). No problem, works fine. Now.. I'm getting a new provider (2xT1s), a new firewall/router setup (fortinet), and new static ips. The new firewall/router will have the static block and will be doing the natting. I want to take the cisco 2811 now and just use it as a vpn device. I want to put it in a DMZ vlan off the new router (the new router has multiple ports to do multiple seperate security zones). Here's the crux. I want to have a public static ip on the new firewall that maps to a now-private address on the cisco 2811 router (i.e. this will be a DMZ VLAN with a 192.168.168.x subnet, and the cisco 2811 to have an ip of 192.168.168.3). VPN users will connect to the public static on the new firewall, will get natted to the private address on the cisco router, and they'll get their vpn connection. I have never seen a cisco vpn configuration that has the cisco router having a private ip (being natted from somewhere else)..there's always a public ip on the cisco router, which the cisco router uses to both terminate the vpn connection and nat the private vpn traffic out to the internet (as i'm currently doing). Is what i'm asking possible? Or am i going to have to assign one of the public static ips to my cisco router's fe0 and just hang it off the new router? Thanx, -Tony | |||||||
| Similar Threads | Posted |
| doing vpn on 2811 with 2811 on private natted ip..possible? | September 9, 2008, 12:38 pm |
| Cisco Pix 501 - VPN - Private IP | October 9, 2006, 11:20 am |
| DNS resolution on PRIVATE side of VPN | December 7, 2005, 4:45 pm |
| Multiple private routes | August 7, 2007, 6:57 pm |
| Network Security / Virtual Private Networks | January 24, 2009, 12:14 pm |
| Infotecs Advances ViPNet Virtual Private Network With New Security And Communication Features | July 17, 2006, 10:54 am |
| Linux Site to Site Private | May 8, 2006, 1:07 am |
|
Home Cabling GuideFinally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language! Learn More |