IPSec Site-to-Site VPN behind ISP modem
I'm trying to establish IPSec Site-to-Site tunnel between Cisco 4321 router with a public IP and Netgate SG-2100 behind ISP modem with private IP on the WAN port. But no luck yet.
Cisco router(Public IP) -- Internet -- ISP modem(DHCP public IP) -- SG-2100(Private IP, 192.168.x.x on the WAN)
Do I need to do some port forwarding on ISP modem?
or do I need to some specific configuration for Cisco router and SG02100?
DaddyGo last edited by
SG-2100(Private IP, 192.168.x.x on the WAN)
Why are you using dual-NAT?
can you put the modem(ISP) in bridge mode?
otherwise it may be a solution:
NAT Traversal - IPSec over NAT