cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
810
Views
0
Helpful
2
Replies

L2L VPN with public ip on the router and firewall with private IP

shanilkumar2003
Level 1
Level 1

Dear All,

I have a requiremnt for site to site VPN configuration but the remote end firewall doesnt got Public ip ,public ip is termintaed on the router. please find the attached diagram

LAN -->Firewall-privateip --> Router-publicip --ISP

how can i setup site to site VPN tunnel, appreciate urgent help

Thanks in advance..

Shanil

1 Accepted Solution

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

You can configure static 1:1 NAT for the ASA outside interface with a spare public ip address on the router.

If you don't have spare public ip, then you need to configure static PAT for UDP/500 and UDP/4500 on the router, and enable NAT-T on the ASA.

View solution in original post

2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

You can configure static 1:1 NAT for the ASA outside interface with a spare public ip address on the router.

If you don't have spare public ip, then you need to configure static PAT for UDP/500 and UDP/4500 on the router, and enable NAT-T on the ASA.

Would you please share the config ..or any example config please

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: