Firewall Wizards mailing list archives

Site-to-Site VPN Gateway behind NAT device

From: Nick Brandson <nickbrandson () yahoo com>
Date: Tue, 22 Mar 2005 22:33:24 -0800 (PST)

Dear guru,

Does anyone try build site-to-site VPN with one
gateway behind a NAT device (like a router or a load
balancer)?

Both gateways are using NGAI R55 on SecurePlatform. 
Want to use a load balancer for two ISPs link.  The
primary link can be transparently go thru the LB
device, the secondary link needs to be NATted to the
Firewall. From the Firewall point of view, only one
connection to the device.  The device will make the
decisions.  We do NOT turn on the ISP redundancy in
CP. 

what we need to set up in the peer gateway in order to
identify the changes when ISP link failover.

Do we need to set up two Firewall Objects in the peer
gateway?

Any ideas/input will be much appreciated.

Thanks a million,
Nick


                
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/ 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Site-to-Site VPN Gateway behind NAT device Nick Brandson (Mar 24)
- Re: Site-to-Site VPN Gateway behind NAT device Rob Hughes (Mar 30)