VPN IPSec MTK to ASA - Only 1 public IP on one of two Site

Hi,
this is my first topic.
I'm trying to set up an IPsec VPN between a Cisco ASA and a MTK. I found several tutorials very helpful.

I tried with 2 sites with six public IPs each, and everything works fine: the router has public IP 1.2.3.4, and the MTK the next one in the pool: 1.2.3.5

I have a problem where a site has only one fixed public IP.
So I tried (not real public IPs!):

----- SITE 1 = HQ (Cisco ASA) ----------(8 public IPs)
1) Router WAN with public IP: 8.19.120.131
2) WAN of the Cisco ASA, also a public IP: 8.19.120.132
3) Static route on the ASA: 0.0.0.0 0.0.0.0 to 8.19.120.131
4) LAN inside the ASA (LAN for the clients): 192.168.0.1/24


----- SITE 2 = MTK ----------
1) Provider router WAN with public IP: 8.9.10.11
2) Provider router inside LAN: 192.168.100.1
3) WAN of the MTK: 192.168.100.2
4) LAN inside the MTK (LAN for the clients): 192.168.4.1/24

Now the clients on site 2 are able to go on the internet. On the site 2 router I forward ports UDP/TCP 500 and UDP/TCP 4500 to the MTK (192.168.100.2).

The IPsec VPN doesn't work.
The traffic for the tunnel should be from 192.168.0.1/24 to 192.168.4.1/24 and vice versa.

On the MTK I see under IP->IPSec ->Remote Peers:
“Remote Address”: 8.19.120.132 (correct, it is the public IP of the ASA)
“Local Address”: I see 192.168.100.2, and I think it is not correct: should I see the public IP of site 2?

I hope I was clear.
Thank you.


LAN2-------MTK--------ROUTER-----------***WAN ***---------------ASA------------------LAN1

I found on the web that it is better to set the provider router in bridge mode and do the PPPoE authentication on the MTK.

Has anybody put an Alice Gateway Telecom Italia router in bridge mode?

Tnx

When trying to bring up an IPsec tunnel behind NAT you need to use NAT-T [nat-traversal=yes]. You may also need to manually specify the peer IKE ID at each end.

Hi
I flagged nat-t.
Where do I have to specify the remote peer?
Is there anything else to set in addition to the IPsec settings?

Tnx in advance.
Paolo.

Where you specify the peer, there is a field ‘my-id’.

http://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Peer_configuration

It might work without it though. Try it.
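A MikroTik-side configuration sketch for the site 2 topology described in this thread, tying together the two settings the replies point at (nat-traversal=yes on the peer and the my-id field) with the policy and the NAT-bypass rule a site-to-site tunnel behind NAT needs. This is an added example written for this thread, not configuration from the original posters, from MikroTik or from Cisco; it assumes RouterOS 6 syntax from before the /ip ipsec identity split in 6.43, the addresses given in the first post, and placeholder values for the pre-shared key, the FQDN identity and the proposal name.

```routeros
# Site 2 MikroTik: WAN 192.168.100.2 sits behind the provider router whose
# public address is 8.9.10.11. Addresses are the ones from the thread;
# the PSK, the FQDN identity and the proposal name are placeholders.

# Phase 2 proposal; the algorithms must match what the ASA transform set uses.
/ip ipsec proposal
add name=asa-proposal auth-algorithms=sha1 enc-algorithms=aes-256-cbc pfs-group=modp1024

# Phase 1 peer: the ASA's public address, NAT-T on because the MTK is behind NAT,
# and an explicit identity so the ASA does not see 192.168.100.2 as our IKE ID.
/ip ipsec peer
add address=8.19.120.132/32 auth-method=pre-shared-key secret="CHANGE-ME-PSK" \
    exchange-mode=main nat-traversal=yes my-id=fqdn:mtk-site2.example.invalid \
    hash-algorithm=sha1 enc-algorithm=aes-256 dh-group=modp1024

# Policy for LAN2 <-> LAN1. sa-src-address is the MTK's own WAN address,
# the private one, which is why "Local Address" shows 192.168.100.2.
/ip ipsec policy
add src-address=192.168.4.0/24 dst-address=192.168.0.0/24 \
    sa-src-address=192.168.100.2 sa-dst-address=8.19.120.132 \
    tunnel=yes action=encrypt proposal=asa-proposal

# Keep the existing masquerade rule from rewriting tunnel traffic:
# an accept rule placed first, before the srcnat masquerade.
/ip firewall nat
add chain=srcnat src-address=192.168.4.0/24 dst-address=192.168.0.0/24 \
    action=accept place-before=0 comment="bypass NAT for LAN2->LAN1 tunnel traffic"
```

Two points to check against this: the Local Address of 192.168.100.2 on the MTK is expected, since it is the address of the interface the IKE packets leave from; and on the ASA side the peer arrives from 8.9.10.11, the provider router's public address, because NAT rewrites the source, so the ASA's peer and tunnel-group configuration must refer to that address rather than to 192.168.100.2. If the ASA still rejects the identity, the my-id value has to agree with whatever peer identity the ASA is configured to accept.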