Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hello
It's possible to setup Vpn site-to-site connection without Public IP, using only local IP ? Some forwarding from public IP to local ? In one branch i don't have public ip in our firewall, i have to connect this branch vpn connection.
Best regards
luk
if you want to establish a vpn over the internet, you need to have public ip on both the ends ...
if you dont have any, enjoy 🙂
Use teamvieweer software to remotely access you entriprise systems remotely over the internet
regards
That should work, as long as the HQ has a public IP. You'd set NAT traversal, use FQDN to identify the branch firewall, and possibly set aggressive. I seem to remember NAT-T requires aggressive, but would need to look it up.
Yeah it required aggressive mode.
You can use FQDN on dynamic side if you have DYNDNS or similar.
You can also use dynamic-user-at-hostname IE an email address as the ID for the dynamic end. This disadvantage of this is that you will not be able to bring up the vpn from your Head end. But as long as you have a traffic generator on the remote end to keep the vpn up this works just fine. I've got over 100 vpns setup this way. Good for punching though customer firewalls W/O having firewall rules or a static ip.