EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Tuesday 19 November 2024, 07:41:11 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14258
Posts in
4377
Topics by
6515
Members
Latest Member:
hulteends
Search:
Advanced search
EFW Support
Support
VPN Support
Virtual IP as IPsec Destination possible?
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Virtual IP as IPsec Destination possible? (Read 13170 times)
pakroby
Jr. Member
Offline
Posts: 2
Virtual IP as IPsec Destination possible?
«
on:
Wednesday 02 September 2009, 08:02:32 am »
I want to set up an IPsec tunnel so that the local network that is routed to the remote network is one of my internet IP addresses. This is to avoid conflicts with common private IP ranges. Once that is working I plan to PAT/NAT the traffic to its actual destination. I have never had a problem implementing this on my SonicWALL 3060, so I umed that it would not be too difficult to accomplish on Endian. It looks like I was wrong.
I have a Virtual IP, or VIP, of X.X.X.77 configured on my WAN interface. This is also configured as my local network destination for an IPsec tunnel.
I also have a Source NAT rule set up so that all traffic destined to 192.168.99.0/24, the IPsec remote network, will be translated to come from my VIP of X.X.X.77. In theory this should work.
The tunnel is configured and it comes up. Traffic from my remote network has no problem making it to my local network, but I am unable to send any traffic from inside my Endian LAN to the remote IPsec network.
As a trouble shooting step, I have deactivated both the outbound firewall and the inter-zone firewall, but this has not helped.
I have also set up a sniffer listening to the internet switch that the Endian firewall is connected. I do not see any traffic leaving X.X.X.77 or destined to 192.168.99.0/24.
Is what I am trying to do even possible in Endian, or is this a limitation? Any advice would be much appreciated.
Thank you,
pakroby
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.048 seconds with 17 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com