Asked by presscwo

How to route through firewall to access IPsec Tunnel

Please see attached Diagram for reference.

I have established a VPN tunnel from our main site to our data hosting company.  I want to be able to allow for traffic from the remote site (64.197.xxx.xxx) and destined for the data center (208.89.xxx.xxx) to go through the VPN tunnel on the Main Site.  It is a pretty simple setup.  

Should I route from the ASA and forward all data center traffic to go through the main site?  What do I do with the data when it arrives at the main site to route it through the tunnel?

Internet Protocols, Internet Protocol Security, Network Architecture


8/22/2022 - Mon

You should not need more than to set the
* Remote Site ASA to route traffic for Data Center thru the Main Site ASA
* Main Site ASA to know how to route traffic to Remote Site (
* Data Center server(s) to route traffic for via the VPN tunnel.
So it is all about proper routing.

I was told by someone knowledgeable that I would need to contact my ISP to advertise the route to the specific host to get it across the MPLS network.  Any thoughts?

Sounds reasonable. Though, I don't have any experience with MPLS.