Is an IPSec Host to Host VPN Possible with Virtual IP Gateway Address

Hi 

I have a Sophos UTM 9 on which I need to set up a site-to-site VPN with another site, and they want to use private addressing to establish the tunnel.
I've run out of interfaces on the UTM, and I created an additional address on eth1 using the gateway address they want to use (10.250.50.A).

Is it possible to set up site-to-site using an additional address on eth1? After setting up the tunnel, the SA and the VPN ID both show the primary public address of eth1 (4.2.2.50) and not the additional address I had set up for this (10.250.50.A).

SA: 192.168.2.X/32=4.2.2.50 10.250.50.B=172.1.1.37/32
VPN ID: 4.2.2.50


Thanks for any advice!


This thread was automatically locked due to age.
  • SA: 192.168.2.192/32=4.2.2.50 10.250.50.42=172.16.16.37/32

    I'm still confused - I appreciate that you're trying to communicate securely, but there just are not enough coherent details for me to be able to picture what you want.

    I think I agree with apijnappels, but I doubt that you want to use 10.250.50.41 as an Additional Address.  Then again, I can't "see" your topology, connectivity, etc.

    Do you have anything more on the other side than a single IP that you want to reach?  How can a public IP like 42.2.250 ever get routed to the private IP 10.250.50.42?

    Don't they just want all traffic from you to go through the tunnel and have it appear to come from a single IP?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA