Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1745
Views
0
Helpful
2
Replies

How to S2S VPN with local ip address ?

Ilhams
Level 1
Level 1

‎11-07-2021 05:16 AM

Hello Experts, 

So i have asked by my customer that is it possible to form s2s vpn using local ip interface?
What i mean is that usually, i configure and form s2s vpn using fw/router that directly faced to the internet, for example from the picture below i usually config crypto map on "Router 0" on its internet-facing interface that using ip public, which is interface gi0/0/0 (ip public :  103.45.43.2).

Is it possible to form s2s vpn from internal router and internal ip and internal interface which is "Router 2" with its gi0/0/0 interface and its ip private is 192.168.1.10? So i want to form s2s vpn between {Router 2, Gi0/0/0, 192.168.1.10} to {Router 3, Gi0/0/0, Ip public 201.23.4.3}. Is it possible? Btw the Router 2 private ip address is natted to ip public 103.45.43.10 on router 0.

The s2s vpn is not between cisco router, i disguise the pictures below because of customer;s credentials. But there is cisco devices between them.

 

dia.PNG

Labels:
0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎11-07-2021 05:22 AM

@Ilhams Yes. You just need to configure Router3 to set the peer as the NAT IP address (103.45.43.10) of Router 2.

On Router 2 setup the peer using the Public IP address  (201.23.4.3) of Router 3.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎11-07-2021 05:27 AM

yes possible as long as they are NAT and visible to external.

 

Make sure the below ports are allowed.

 

  • UDP 500
  • UDP 4500
  • ESP

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents