Who Me Too'd this topic

Who Me Too'd this topic

L0 Member

Site to Site VPN Double NAT Issue


We have a branch office connected via site to site vpn, plao alto firewalls at both locations.

Due to buiding works the office has been relocated to a shared building and we're having to use a third party's network connection. We've been provided with a public IP address which is then NAT to a 192.x.x.x address which they then route to our fw. We would like to reinstate the site to site vpn.

The fw at the new location has the external interface set on the private 192.x.x.x range. Phase 1 negotioation from our main site is failing as it detects the private address as an invalid peer as we have the public address configured as the remote peer on the IKE Gateway.

Is there a way around this?

Thanks in advance.

Who Me Too'd this topic