SSLVPN using Virtual IP to Connect to Multiple internal IP

astuk · ‎09-26-2023

i have IPSec VPN tunnel where al Phase 1 and 2 done and VPN tunnel is up.
i configure phase 2 IP with virtual IP and i mapped it to an internal IP, now tunnel is up and my internal server is able to reach remote site.

Now it come as business need, we need multiple servers to reach remote site and they are in different subnet. how to reconfigure this virtual IP to map to diffrent intenal IP in diffrent subnet.

10.0.0.0.1 192.168.1.254

xshkurti · ‎09-26-2023

@astuk
You have to create different virtual IPs, each of them mapping to different server.
All these virtual IPs need to be added to phase2 selectors of IPSec VPN on both ends.

TuncayBAS · ‎09-26-2023

I don't know your exact structure, but you may need to open VIP for each server.

Or you can use the IP range in the VIP definition.
For example :
172.16.16.1-172.16.16.254 in the "External IP address/range" field
192.168.2.1-192.168.2.254 in the "Map to IPv4 address/range" field

By using it, local servers can access the remote location by entering VPN and changing to their own nat ip.

This way, you will not have to define VIP separately for each server.

Tuncay BAS
RZK Muhendislik Turkey
FCA,FCP,FCF,FCSS

SSLVPN using Virtual IP to Connect to Multiple internal IP

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website