• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

Site to Site IPSEC VPN to tunnel ONLY external IP's

Okay. So someone asked me..."i want to setup an IPSEC tunnel to encrypt public IP traffic btw two locations." so essentially, setting a site to site VPN not to private to private network but to two public ips.

On my end of things, i have a HTTP service running on IP-A. the Remote location is IP-B. So when HTTP requests originate from IP-B, traffic will be tunneled.

Does that make sense?!?
  • 2
1 Solution
I don't see why you couldnt do this using the IP's as your "networks"

Because the traffic will obviously pass across the VPN devices either way

I.e IP_A --VPN Device --------VPN Device----IP_B
Keith AlabasterEnterprise ArchitectCommented:
An IPSEC VPN using the Internet is using public IP addresses to form the tunnel anyway, not private ones as the two endpoints need to be able to communicate across the link before the tunnel is created.

A secondary stage of the creation will define what traffic/ports will be allowed to pass across the vpn tunnel so yes, it makes sense.
Now if you are attempting to have the Webservers themselves be the VPN end points I would have to say no.. (I.e linux boxes also running Apache and something like OpenSwan) , since you did not provide any details on how you are planning to achieve the VPN connectivity..
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now