What you could use is a separate OR double tunnel, for example (some extra
public IP's)
network private
nat (here) to public ip (behind FW=DMZ)
vpn FW ipsec(here) source
vvvv internet
vpn FW ipsec dest
nat (here) from public ip to private ip (behind FW=DMZ)
network private
This chapter shines a in-dept light on the topic, and also explains a
pass-trough vpn scenario.
http://www.microsoft.com/TechNet/win2000/win2ksrv/reskit/intch09.asp
Cheers,
Martijn
-----Oorspronkelijk bericht-----
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Ricky
Gomez
Verzonden: woensdag 31 januari 2001 16:43
Aan: '[EMAIL PROTECTED]'
Onderwerp: IPSec help
Hey all, I'm trying to implement IPsec in my existing network but we are
using NAT. In order for the Encapsulating Secure Payload (ESP) and
Authentication Header (AH) protocol to exit out my network the packet cannot
be modified, in which it is being modified due to Network Address
Translation (NAT), so the connection is terminated.
Does anyone know what appliance I need to invest in, in order to make this
work?
Ricky Gomez
LAN/WAN ENGINEER
Email: <mailto:[EMAIL PROTECTED]>
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
