Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
0
Replies

3 SITE-TO-SITE VPN FTD TO FTD with same remote peer address

Bledian
Level 1
Level 1

‎01-26-2023 01:32 AM

Hello community,

I have a case where I have to configure 3 Site-to-Site VPNs between HQ FTD (managed by FMC) and Branch FTD (managed by FDM).

But, the case is that in the HQ FTD I only have 1 public ip address, and a router before the HQ FTD which has 2 more public ip, is there any way  I can build site-to-site VPN between HQ FTD and branch FTD using the 2 public IP I have in router as my remote peer from Branch FTD prespective but, somehow translating to the public IP I have in HQ FTD. 

 

p.s the site-to-site VPNs have to be build only between HQ FTD and Branch FTD, as we know we can't configure 3 site-to-site VPN with the same remote peer.  The Branch FTD has 3 public IP, so the problem stands at the HQ site. 

 

I tried to use NAT Exempt on Branch FTD, by using the public IP in my router as the remote peer and than NAT exempt into my public IP of HQ FTD, the VPN is Active-UP, but my pc in branch site cannot ping pc in HQ.

 

Best regards,

 

BR

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents