Hi all,
Our company uses Astaro gateways (hardware) at both sites, and we want to connect 2 sites using VPN. Before pushing them into production, we build a lab to test the VPN function of Astaro gateway. The result is that site to site VPN connection fails whenever there is a NAT device in between, whether we use SSL or IPsec VPN (though Astaro gateway supports NAT-Traversal by default). It means that if the Astaro VPN gateway is behind a NAT device (like a NAT modem), then VPN fails; if we remove all NAT device in between then VPN works.
The problem is that our branch office use a NAT modem to connect to Internet via FTTH (fiber to the home). With FTTH, we cannot connect Astaro VPN gateway directly to Internet without going through a modem to avoid problem with NAT. So branch office is behind NAT (while head office is not), and VPN fails.
Branch's LAN ---> Astaro gateway 1 ---> FTTH modem (NAT) ---> Internet
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
