486 Views | 0 Helpful | 1 Replies

VPN via piggyback firewalls

codflanglers
Level 1

Quick question. I've got a current Cisco firewall that provides VPN access via a Cisco IPsec client.

Problem is we are moving to a new WAN solution with a Juniper firewall, but we still need to provide VPN access to the user base through the IPsec client for now.

I was hoping I could piggyback the Cisco off the Juniper to still provide VPN access via the IPsec client. If I connect both the inside and outside connections to the Juniper, the Juniper will have a route to the Cisco, so clients coming over the internet will go there. The Cisco then forces the VPN range back to the Juniper, which then pushes it back to the LAN.

Am I thinking straight, or is this going to cause problems? The thing is, I have to move the WAN to a different solution whilst keeping the old stuff working as much as I can while we migrate things.

1 Reply

joe19366
Level 1

You want them parallel. There is no good reason to have an external device behind another external device.

Too many things can go wrong.

So if you have to go back to your ISP and get a larger edge block, it's worth it.

Your internal routing device (Cisco layer 3 switch, etc.) should handle what comes in where and what goes back out where.

If your VPN pool is routed to the Cisco firewall, and your WAN subnets are routed to the Juniper, there is nothing wrong with going in one and back out another without NAT, etc.

Let me know if we can help more.
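The parallel design described in the reply, as an added configuration example (not from the thread's authors): the core Cisco layer 3 switch sends the VPN client pool to the Cisco firewall and everything else to the Juniper, and the Cisco firewall has its own public address plus a reverse route for the LAN. All addresses, VLAN numbers and names (10.0.0.0/24 transit VLAN, 10.10.0.0/16 LAN, 172.16.50.0/24 pool, 203.0.113.1 ISP gateway, VPN_POOL) are constructed placeholders.

```cisco
! --- Core L3 switch (Cisco IOS): transit VLAN shared by both firewalls ---
! Constructed example; replace every address with your own.
interface Vlan100
 description Transit to Juniper (WAN edge) and Cisco ASA (IPsec VPN)
 ip address 10.0.0.1 255.255.255.0
!
! Default: all WAN/internet-bound traffic goes to the Juniper (10.0.0.2)
ip route 0.0.0.0 0.0.0.0 10.0.0.2
!
! More specific: the remote-access VPN pool is only reachable through the
! Cisco ASA inside interface (10.0.0.3). Longest-prefix match wins, so LAN
! replies to VPN clients leave through the same firewall the tunnel entered,
! which is why no NAT is needed between the two edges.
ip route 172.16.50.0 255.255.255.0 10.0.0.3
!
! Verify on the switch: expect the /24 pointing at 10.0.0.3 and the
! default at 10.0.0.2
! show ip route 172.16.50.10
! show ip route 0.0.0.0

! --- Cisco ASA (IPsec client termination) on its own public address ---
! Outside: the ASA's own path to the ISP, independent of the Juniper
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
!
! Inside: the LAN sits behind the core switch, not on the ASA's own
! inside subnet, so the ASA needs a reverse route to reach LAN hosts
route inside 10.10.0.0 255.255.0.0 10.0.0.1 1
!
! VPN client addresses are assigned from a pool that the ASA itself
! terminates (tunnel), so no static route is required for 172.16.50.0/24
ip local pool VPN_POOL 172.16.50.1-172.16.50.254 mask 255.255.255.0
!
! Verify on the ASA: expect 10.10.0.0/16 via 10.0.0.1 on inside
! show route
```

If the core switch instead had only a default route to the Juniper, LAN replies to VPN clients would go to the Juniper and be dropped or mis-routed, which is the asymmetric-path failure the reply warns about.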