I'm trying to get some clarity around what commands would be needed to allow an ipsec vpn client sitting behind a Cisco IOS zone-based firewall to make ipsec connections through to a vpn gateway out on the internet. This is the sort of thing that is ...
I have an 887VAM router that is connected to Amazon VPC with redundant ipsec tunnels. The Amazon generated config uses VTIs so it's a route based tunnel. My office is 192.168.0.0/16. I am using Amazon VPC as a hub. It is 172.16.0.0/16. I also have a br...
OK - accepting on face value that what you say works (subject to me trying it!). However, it does seem that having these stateless inbound rules with permit "any any" is opening up quite a large hole in the wall. I don't really have a sense of how muc...
Thanks Marius, I will give that a try, but there's one thing I'm not sure about. I'm not intending that tunnels could be initiated from outside, so don't see the point of the policy allowing inspect from outside to inside. If indeed the router is doing...
My belief at this time is "yes" ... traffic forwarding supported by both VPN gateways in the Amazon VPC.
Diagram is as follows:
Main Office <----> Amazon VPNGW .....(VPC)..... Sophos UTM <-----> Branch Office
Cisco 887 "Hub" ...
Could you please hint me: why don't you use direct tunnel between your locations?
Quite a few reasons really:
1. Most of the traffic is between each branch network and AWS Cloud.
2. Main office tunnel is for managing what's in the cloud, but also need t...