
Differentiating overlapping addresses from different VPN tunnels

Brinay581
Beginner

Hi. We have a remote customer who connects to us over an IPsec site-to-site VPN. They are looking to migrate to new firewalls which will have new external-facing IP addresses. The original private source IPs and the ultimate private destination IPs will not change.

During the migration and testing period they will need to have both the original and new source firewalls running, so there are two routes for their traffic to use to our FTDs. Is there a way of setting up the FTDs (we’re using an FMC) so that they know which tunnel the traffic was from so it routes back over the correct one on the way back?

For example, 192.168.1.1 could send traffic to 172.16.1.1 via tunnel 1 (remote end’s external source IP 33.44.55.66) or 192.168.1.1 could send traffic to 172.16.1.1 via tunnel 2 (remote end’s external source IP 44.55.66.77); we need to know which tunnel it came down so we can send traffic back over the correct tunnel.
