How crucial is a public IP on WAN port for VPN?

Discussion in 'Cisco' started by alfa145uk, Jul 23, 2007.

  1. alfa145uk

    alfa145uk Guest

    I got asked this question today by somebody. Whilst I've set up
    numerous Watchguard firewalls in the last few years, nearly all have
    been on a conventional public lan, a few have been behind a single
    static ip nat'd from the router and have worked.

    I've spent hours/days/weeks trying to overcome incorrectly nat'd packets
    for VPN connectivity issues before to know that it is just best avoided.
    I've never tried setting up a Cisco fw other than having a public IP on
    the wan ports, so what would happen if I tried NAT?
     
    alfa145uk, Jul 23, 2007
    #1
    1. Advertising

  2. alfa145uk

    James Guest

    On 24 Jul, 04:46, alfa145uk <> wrote:
    > I got asked this question today by somebody. Whilst I've set up
    > numerous Watchguard firewalls in the last few years, nearly all have
    > been on a conventional public lan, a few have been behind a single
    > static ip nat'd from the router and have worked.
    >
    > I've spent hours/days/weeks trying to overcome incorrectly nat'd packets
    > for VPN connectivity issues before to know that it is just best avoided.
    > I've never tried setting up a Cisco fw other than having a public IP on
    > the wan ports, so what would happen if I tried NAT?


    I have done it a few times with PIX 6.3 and various IOS routers over
    DSL lines which use private IP Addressing to the ISP. It works fine -
    virtually all devices now support Nat Traversal.

    James
     
    James, Jul 24, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page