Can Site to Site VPN work with 2xER605 but only main branch has public ip?
Can Site to Site VPN work with 2xER605 but only main branch has public ip?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Under normal circumstances, a public IP at both ends is best. This is because we need to ensure that the WAN IPs at both sides are accessible to each other.
However, there are special cases where the WAN IP at one end is a private IP, so the public IP at the other end has no access to the private IP, which means that it can not establish the VPN tunnel.
In this moment, we need to open a port for this private IP on the device in front of this private IP, and then use the public WAN IP of this device in front of this private IP to set up a VPN with the WAN IP at the other end.
Public WAN IP----------------VPN----------------Front device(Public WAN IP---SET port forwarding)---Private WAN IP
- Copy Link
- Report Inappropriate Content
Yes, you can use 2 ER605 to set the site-to-site VPN, just need to note that set the port forwarding rule on the NAT device in front of ER605 which has private IP.
Open the port for R605's WAN IP on the front-end devices.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Under normal circumstances, a public IP at both ends is best. This is because we need to ensure that the WAN IPs at both sides are accessible to each other.
However, there are special cases where the WAN IP at one end is a private IP, so the public IP at the other end has no access to the private IP, which means that it can not establish the VPN tunnel.
In this moment, we need to open a port for this private IP on the device in front of this private IP, and then use the public WAN IP of this device in front of this private IP to set up a VPN with the WAN IP at the other end.
Public WAN IP----------------VPN----------------Front device(Public WAN IP---SET port forwarding)---Private WAN IP
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 524
Replies: 3
Voters 0
No one has voted for it yet.