Link to home
Create AccountLog in
Avatar of JPDU4
JPDU4Flag for United States of America

asked on

S2S VPN - connection to a partner site, requires using PUB NATTED address on the tunnel

Hello,
How would you configure a S2S connection with a vendor who requires you to have a PUBLIC address as the source on the tunnel.


Currently I have a pair Cisco ISR's devices doing our production NAT and FWing.  Since this is a temporary solution, I plan to configure a standalone ISR that will participate in the vendor S2S VPN connection. The servers that need access to the the vendors tunnel are NATTED on the core's. My thought process is to simply put a static route on my core to point at the temp ISR performing the 2S2 to get to that network. This should all work, but I am concerned on how to set up the NAT on the S2S Tunnel so that it looks like they are coming from one of our public addresses. They are putting a filter in place and will only accept the PUB address.
Avatar of JPDU4
JPDU4
Flag of United States of America image

ASKER

.
ASKER CERTIFIED SOLUTION
Avatar of Member_2_242582
Member_2_242582

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of JPDU4

ASKER

Thanks Aarie, completely what I thought - just needed a confirmation.  Thank you