IPSec Site-to-Site VPN behind ISP modem
-
Hi,
I'm trying to establish IPSec Site-to-Site tunnel between Cisco 4321 router with a public IP and Netgate SG-2100 behind ISP modem with private IP on the WAN port. But no luck yet.
Cisco router(Public IP) -- Internet -- ISP modem(DHCP public IP) -- SG-2100(Private IP, 192.168.x.x on the WAN)
Do I need to do some port forwarding on ISP modem?
or do I need to some specific configuration for Cisco router and SG02100?
Please advise.. -
@jauintm said in IPSec Site-to-Site VPN behind ISP modem:
SG-2100(Private IP, 192.168.x.x on the WAN)
Hi,
Why are you using dual-NAT?
can you put the modem(ISP) in bridge mode?otherwise it may be a solution:
NAT Traversal - IPSec over NATf.e.: http://www.internet-computer-security.com/VPN-Guide/NAT-T.html
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.