We currently have a VPN Firewall (Sonicwall Pro3060). An outside company is requiring to install a VPN router on our network to secure VPN to them. Our SonicWall already has IPsec VPN tunnels to our other office locations. One static route is configured to one of our offices that we have a T1 connection to. We have a block of 5 static IPs from our Cable ISP. The two WAN ports are already being used on the Sonicwall Pro3060 (one for internet connetivity/webhosting the other for the vpn tunnels). We cannot assign another static IP to an interface on the sonicwall, which I would assume we would require to NAT the additional VPN router behind one of the interfaces.
I'm sure this is very simple in theory but am getting confused with everything else comes into play with the existing VPNS and that the sonicwall is our VPN router already. Am I just assigning a port and NAT one of the IP addresses on the existing interface to the external port of the new VPN router?
I am not configuring the new VPN router, it is being preconfigured and sent to us, but requires information from us. Below is the info that they require, any help on this would be appreciated:
Hosted Router expected configuration (applies to VPN connectivity)
(I italicized my answer and bolded ones I'm not sure of)
-Internet routable IP/subnet mask and default gateway for outside Ethernet port for Hosted vpn router:
-Interface setting for outside port? We are looking for speed (10/100/1000) and duplex (auto, half, full): Auto
-IP/subnet/gateway for inside Ethernet port of Hosted router: 192.168.0.2 / 192.168.0.2
-Interface setting for inside port? We are looking for speed (10/100/ or 1000) and duplex (auto, half, or full): 100/Full
-Next hop for inside port of Hosted router: Unsure, do I put our exisiting Sonicwall as the Hop?
-Source IP address of traffic inbound to Hosted servers (typically, end user subnet, firewall NAT, firewall hide address): Unsure, is this our WAN IP? 68.190.x.x? with the port?
-For outside PORT, if hosted VPN router would be located behind firewall, we need info for that too (ip, subnet, gateway and associated routable IP/subnet/gateway): Since I think it will have to be behind our Sonicwall, I'm thinking 192.168.0.3:6000 gateway: (sonicwall ip: 192.168.0.1) subnet: 255.255.0.0
Our local LAN info is 192.168.x.x / 255.255.0.0 / 192.168.0.1