Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 9292 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is an IPSec Host to Host VPN Possible with Virtual IP Gateway Address

notify.sina
Hi 

I have a Sophos UTM 9 which I need to setup a Site to site VPN with another site and they want to use private addressing to establish the tunnel.
I've run out of interfaces on the UTM, and I created an additional address  on the eth1 using the gateway address they want to use (10.250.50.A).

Is it possible to setup Site to site using an additional address on eth1? After setting up the tunnel the SA and the VPN ID both show the primary Public address of eth1 (4.2.2.50) and not the additional address I had setup for this (10.250.50.A).

SA: 192.168.2.X/32=4.2.2.50 10.250.50.B=172.1.1.37/32
VPN ID: 4.2.2.50


Thanks for any advice!


This thread was automatically locked due to age.
Parents
  • 0
    Sorry for the misrepresentation. 

    I was trying to use 192.168.2.X and 172.1.1.37 as private IP address representations to obscure the real IPs.
     Everything is supposed to be over private IP addresses, and the VPN tunnel is accross a fiberchannel link that connects both sites.
    Perhaps this is a better representation:

    SA: 192.168.2.192/32=4.2.2.50 10.250.50.42=172.16.16.37/32
    VPN ID: 4.2.2.50

    Instead of 4.2.2.50, I need it to be 10.250.50.41, which is an additional address on the same interface with 4.2.2.50 (the primary address).
Reply
  • 0
    Sorry for the misrepresentation. 

    I was trying to use 192.168.2.X and 172.1.1.37 as private IP address representations to obscure the real IPs.
     Everything is supposed to be over private IP addresses, and the VPN tunnel is accross a fiberchannel link that connects both sites.
    Perhaps this is a better representation:

    SA: 192.168.2.192/32=4.2.2.50 10.250.50.42=172.16.16.37/32
    VPN ID: 4.2.2.50

    Instead of 4.2.2.50, I need it to be 10.250.50.41, which is an additional address on the same interface with 4.2.2.50 (the primary address).
Children
No Data
Unfiltered HTML