Site-to-site VPN through NAT and firewall on one side
Posted: Mon Jul 10, 2017 9:06 pm
Hi, I need to connect a remote lab network to the primary lab network over VPN using a VM installed in the primary network. I have full control over the remote lab; however, the primary lab network is part of a huge corporate infrastructure and port forwarding is not an option as it'd require a lot of changes. So the network scheme is more or less like this:
(remote lab) RouterOS CHR | KVM host | CCR1009 | RB2011 ---- INTERNET ---- <firewalls, NAT, scary shit> | ESXi host | RouterOS CHR (primary lab)
VMs on ESXi have internet access and lab network access; however, they're not exposed to WAN, so the connection has to be initiated by this site. The CHR in the remote lab can have ports forwarded as it's a significantly simpler infrastructure. Is it possible to bridge those 2 networks? Preferably on L2, but if it's not possible / not a good idea then L3 is fine as well.