Create a Post
Showing results for 
Search instead for 
Did you mean: 
Jump to solution

Site to Site VPN configuration suggestion

Hello everybody,

We have a customer with topology like this:


They have established VPN tunnels between Cisco ASA (will be replaced with FirePower as on image above) and remote peers (different devices). Current configuration is such that ASA has all private IP addresses and NAT to public IP address used for VPN peering is being done on CheckPoint GW.

They reported few issues after upgrade from version 77.30 to version 80.10. Also, I have read that it's not best design decision to have NAT configured like this in a S2S VPN configuration.

What are your thoughts on this? Do you have any suggestions on how it should be done "properly"?

Thank you all in advanced,



0 Kudos
7 Replies
This widget could not be displayed.