Hello Experts,
I am planning to set up an IPsec connection from a client location to our DC Cisco ASR router.
The client has a Cisco router from which the IPsec connections are built; this router sits behind a firewall which has a single internet gateway IP.
All the traffic behind the firewall is overloaded to a single public IP; the case is similar for the Cisco router where IPsec terminates.
I referred to a few articles for this scenario, which say that with PAT, IPsec connections will not be established because the source port changes from 4500 to a random port.
Now, I am curious to know if we can use PAT on the firewall to build the IPsec connectivity to our core DC router.
The setup is like this:
Customer LAN --> Cisco router (IPsec) 192.168.1.1 --> Firewall (PAT enabled) (e.g. 55.55.55.65) --> Internet --> DC core Cisco ASR