I have a firewall with a fake external subnet, and its outside interface is connected to a router on which the real IP address is terminated.
I want to create VPN connections (site-to-site and client-to-site) to the firewall. I only have one real static IP address, which exists on the out router.
I want to know if it's possible to create a VPN connection terminated at the firewall. If yes, what are the ports I have to open and create a NAT for on the out router?
For building a VPN between site-to-site and client, you use the IKE protocol, UDP 500. However, could you please post, if you want, a small schema of your design, because I didn't understand your design.