05-12-2024 08:26 AM
Hi All,
Can we create an ipsec tunnel between umbrella data center and Cisco FTD firewall using private ip ?. In my infrastructure isp is terminated on router and FTD is behind Router.
05-12-2024 08:57 AM
https://docs.umbrella.com/umbrella-user-guide/docs/configure-tunnel-with-cisco-secure-firewall
Check link and if you do static NAT in router for port ipsec udp 500/4500 it will work.
MHM
05-29-2024 11:06 PM - edited 05-30-2024 09:01 PM
Hello,
Yes, you can create an IPsec tunnel between an Umbrella data center and a Cisco FTD firewall using a private IP. Since the FTD is behind a router you need to enable NAT Traversal and configure NAT on the router to map the FTD's private IP to a public IP. This setup aa jetnet allows the Umbrella data center to communicate with the FTD. Configure the IPsec settings on both the FTD and Umbrella, ensuring the router's public IP is used as the endpoint for the tunnel.
05-30-2024 12:06 AM
Can we create a policy based tunnel as ftd is behind the router or it mandatory to have a vti based tunnel. PFB attachment
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide