Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jan_Kleinhans
Collaborator

VPN Tunnel in VPN Tunnel possible?

Hello,

we have the following task to resolve.

We will get a VPN Tunnel to a mobile provider with an own network (APN) which is only for us and can only connect to our network over the provider based VPN Tunnel. 

To encrypt traffic also from the mobile provider we would like to run a VPN Tunnel from the mobile Gateways (4G Routers with ipsec capability) to our gateway.

Is this possible with one VPN Gateway? Or do we have to place a VPN gateway behind the gateway which holds the tunnel to the provider?

I would not know how to create the topology for the interoperable device when using only one central gateway.

Let's asume we have a tunnel between 1.0.0.10 (Mobile Provider) and 8.0.0.10 (our Gateway). 
The network provided by the mobile provider for our 4G-gateways will be 10.0.0.0/24 so this should be the topology of object 1.0.0.10.
For each 4G gateway there would be an interoperable device with IP 10.0.0.11 for example and 10.0.0.11/32 as topology.
Would this work with only one VPN gateway on our side?

Regards,

Jan

0 Kudos
3 Replies
G_W_Albrecht
Legend
Legend

What is the reason to encrypt data 2 times ? If a very secure internal connection is needed you can achive it using Access Rules.

0 Kudos
Jan_Kleinhans
Collaborator

The traffic could be captured by the mobile provider or somebody who gets access to the network of the mobile provider.

0 Kudos
G_W_Albrecht
Legend
Legend

I think this is not possible with one VPN GW on main site - i would suggest that you ask CP !

Other idea: Router with VPN to mobile provider before GW that connects to the 4G-gateways.

0 Kudos