So, the CP FW is the outer facing edge, where the NAT occurs, and the 1841 is
the VPN termination point?
Regards,
Jay McMickle- CCNP,CCSP,CCDP
Sent from iJay
On Apr 3, 2012, at 11:47 PM, Lucky <iamreallylucky_at_gmail.com> wrote:
> Thanks jay,
> to be more precise ,
> currently two ports in 1841 are already used for nat inside and outside and
it gets terminated at production network through checkpoint firewall - this
has an existing tunnel to london. I want to create another tunnel to london
without disturbing the existing network and put another port in 1841.
>
> in the 1841 i want to insert another card with ethernet port, configure so
that i can connect to another firewal and create my tunnel- is this possible
> is it possible for the 1841 to handle this
> right now only two ports are there in 1841 and already used for nat inside,
outside , so the above scenarios is possible.
> thanks
> lucky
>
>
> On Wed, Apr 4, 2012 at 12:11 PM, Jay McMickle <jay.mcmickle_at_yahoo.com>
wrote:
> Are you stating that you want to stand up another L2L tunnel, with a
separate IP (from the same /28 block) on the outside Interface of the 1841?
You might be able to use ip add x x secondary, but I don't know that it would
work, and could get messy. Now, you mentioned a checkpoint device, so I'm
assuming maybe you have a checkpoint device on the inside? Could you NAT from
the outside to the inside to the checkpoint and terminate your VPN there?
>
> Sorry of I missed the context of your question.
>
> Regards,
> Jay McMickle- CCNP,CCSP,CCDP
> Sent from iJay
>
> On Apr 3, 2012, at 10:31 PM, Lucky <iamreallylucky_at_gmail.com> wrote:
>
> > Hi expert guys,
> >
> > i am using cisco 1841 which is terminated from - fiber link 22mbps
> > connection in singapore .
> >
> > I have 16 free ip for this line. right there is only two ethernet
interface
> > used for in and out.
> >
> >
> > from my network vpn is created to another location in london , now i want
> > to create another vpn connection using another ip and isloated few users
> > through another
> > firewall (checkpoint).
> >
> > is this possible with single link termination from one router nat outside
> > and two ports for nat inside with the other ips.
> >
> > thanks
> > lucky
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Apr 04 2012 - 08:07:42 ART
This archive was generated by hypermail 2.2.0 : Tue May 01 2012 - 08:20:45 ART