
How to Set Up Site-to-Site IPsec VPN When Both Sites Are Behind NAT


Can someone help me, step by step or with screenshots, with how to set up/configure this option?

I want all traffic to go out through site A, so all IP and DNS requests.






This thread was automatically locked due to age.
  • I haven't tried this, but you might be able to use a Dynamic DNS name on one of your locations and configure the main router in this location to have the UTM be a DMZ device (or at least make sure all traffic is sent to the UTM).

    You would still need to make manual adjustments, since most likely your UTM will not by default "find" the real public WAN address.

    It would be better if you could bridge one of the modems on one of the current locations so you don't have double-NAT on both locations.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improving IT security and feeling good helping others with their IT security challenges.

  • Also, you might be able to use a UTM-to-UTM RED connection... you will then also have to manually configure routing between A and B, but it might be easier to configure in your situation with double NAT on both sides.

    Anyway, you will want to configure at least one main router to port forward to the UTM, otherwise no traffic will ever reach the UTM.
