05-07-2007 09:33 AM
Can VPN traffic be passed through an edge router? I want to set up a 2950 as my Internet router then use a 3950 as the internal router. The 3950 would need to have VPN to VPN configured to an outside network.
05-07-2007 10:17 AM
Hi Joe
Is the edge router going to be doing NAT / PAT ?
VPN traffic can be passed through a router, you would need to allow
UDP port 500 (isakmp)
ESP port 50 (ipsec).
Note that ESP is its own protocol.
If you are doing NAT/PAT on your edge router you may need to run NAT-T which involves allowing additional ports.
HTH
Jon
05-07-2007 10:28 AM
I am doing NAT. I guess what I do not understand is how the traffic gets routed from my internet router to the VPN Router.
05-07-2007 11:02 PM
Joe
I'm not sure I fully understand your question. IPSEC traffic is like all other IP traffic in that there are source and destination IP addresses in the packet headers. When the remote sends an IPSEC packet to your VPN router the destination address will be the IP address on the VPN router and your edge router will just forward this on, as it would with any IP packet, to your VPN router.
This does mean that your VPN router needs to have a publicly routable IP address - is this the problem ?
Jon
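Added example, not part of the original thread: a sketch of what the edge router side of this could look like in Cisco IOS, with a one-to-one static NAT giving the internal VPN router a public address and an inbound ACL that lets only the remote peer's IKE, ESP and NAT-T traffic reach it. All addresses are documentation ranges, and the interface and ACL names are assumptions.

```cisco
! Constructed values (assumptions, not from the thread):
!   198.51.100.10  remote VPN peer
!   203.0.113.2    public address mapped to the internal VPN router
!   10.0.0.2       VPN router's inside address
!
! One-to-one static NAT so traffic sent to 203.0.113.2 is forwarded
! to the internal VPN router
ip nat inside source static 10.0.0.2 203.0.113.2
!
! Inbound ACLs on the outside interface are checked before NAT,
! so the entries match the public (global) address.
ip access-list extended OUTSIDE-IN
 remark IKE / ISAKMP: UDP 500
 permit udp host 198.51.100.10 host 203.0.113.2 eq isakmp
 remark ESP: IP protocol 50, no port numbers
 permit esp host 198.51.100.10 host 203.0.113.2
 remark NAT-T: UDP 4500, used when a NAT device sits in the path
 permit udp host 198.51.100.10 host 203.0.113.2 eq non500-isakmp
 remark Only the VPN entries are shown; the implicit deny at the end
 remark drops everything else, so add the site's other permits here
!
interface FastEthernet0/0
 description Outside (Internet)
 ip nat outside
 ip access-group OUTSIDE-IN in
!
interface FastEthernet0/1
 description Inside (towards the VPN router)
 ip nat inside
```

Restricting the source to the known peer address keeps UDP 500 and 4500 from being reachable by the whole Internet.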