SRX Services Gateway
Highlighted
SRX Services Gateway

Dynamic VPN to IPsec VPN tunnel

‎12-03-2015 04:45 PM

Hi Guys,

 

Does anyone already try to do the setup below.

 

VPN Client ---------> | SRX | -------IPSec VPN-------> | Firewall |

    client  ---------------------------------------------------------> server

 

I have vpn client connecting to SRX and same thing I have site to site VPN to another firewall. What I'm trying to accomplish is to able VPN Client connect to the another remote VPN site server.

 

Please let me know if my setup is possible or not. 🙂

 

Regards,

JM Espanol

1 REPLY 1
Highlighted
SRX Services Gateway

Re: Dynamic VPN to IPsec VPN tunnel

‎12-04-2015 04:25 AM

I think this should be possible. Lets take below example.

 

For dynamic VPN we can put 100.100.100.1 as remote protected resource and thsi will install a route on Dynamic VPN Client

When Dynamic VPN client sends request to 100.100.100.1, SRX do route/flow lookup and identify it has to go via IpSecVPN

 

You may put 192.168.1.0 subnet as local and 100.100.100.1 as remote subnet (Proxy ID)s

 

 

192.168.1.2------------DynamiC-VPN------192.168.1.1(SRX)(10.10.10.1)---------------------IpSecVPN-----------(10.10.10.2)FW-------(100.100.100.1)

 

 

*** This is just my thoughts, never tested***

Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Feedback