Vpn tunnel Asa 5505 to fortigate 60c
Hi nanog, I have a fortigate 60c connecting a vpn tunnel to an asa 5505. I have the connection setup, but it will not connect because unfortunately the isp at the fortigate end decided to give us a 192.168.13/24 address. Now what I'd like to know is if there is any way to get this vpn connection to work through a pat connection until the isp resolves this issue? Thank you for any help. Zane Sent from Samsung mobile
What is the public peer address on the ISP end? On May 18, 2013 8:15 AM, "akurenath" <akurenath@hotmail.com> wrote:
Hi nanog,
I have a fortigate 60c connecting a vpn tunnel to an asa 5505. I have the connection setup, but it will not connect because unfortunately the isp at the fortigate end decided to give us a 192.168.13/24 address. Now what I'd like to know is if there is any way to get this vpn connection to work through a pat connection until the isp resolves this issue?
Thank you for any help.
Zane
Sent from Samsung mobile
Almost all firewalls support NAT-T, which allows for using a private IP address on the "outside" of the firewall (which is translated to a routable public IP address before it gets on the Internet). You will need UDP 500 (for IKE) and UDP 4500 (for IPsec NAT-T) open, so no devices between the firewalls can block those ports. I know the ASA supports this, because I have setup customers with "private" IP addresses on their ASAs in certain circumstances. I'm not familiar enough with the Fortinet equipment, but you may need to turn on a NAT-T feature. HTH, Fred Reimer On 5/18/13 11:13 AM, "akurenath" <akurenath@hotmail.com> wrote:
Hi nanog,
I have a fortigate 60c connecting a vpn tunnel to an asa 5505. I have the connection setup, but it will not connect because unfortunately the isp at the fortigate end decided to give us a 192.168.13/24 address. Now what I'd like to know is if there is any way to get this vpn connection to work through a pat connection until the isp resolves this issue?
Thank you for any help.
Zane
Sent from Samsung mobile
participants (3)
-
akurenath
-
Fred Reimer
-
Kenneth McRae