I am trying to set up a site-to-site VPN between Firewall1 and Azure. For this, I would need to have the same public IP that Firewall2 currently has on Firewall1. How can I achieve this?
At the moment, I have a clientless VPN enabled on Firewall1 and have enabled port forwarding so that I can access the Firewall1 WAN-facing IP using the public IP from the internet.
I am new to networking, so kindly guide me on the right path to achieve my goal, which is to have an S2S VPN between Firewall1 and Azure.
Each firewall requires a unique public IP address. You can’t have any duplicate IP addresses.
What kind of device is Firewall1? Also, what kind of VPN are you trying to establish? I don’t have any experience with Azure Firewall but I’m guessing this is IPSec with IKEv1 or IKEv2?
Firewall1 is a Sophos VM inside my lab server. I am anticipating an IPsec IKEv2 implementation between this Sophos and Azure. And I don't want to establish a site-to-site VPN from Firewall2 to Azure.
Is there a way to achieve this by performing NAT or similar techniques? Can I still achieve this S2S VPN with the current port forwarding implementation?
Now I see. It is possible to establish IPSec through NAT, but you’ll need a router/firewall that supports NAT-Traversal (NAT-T). I don’t have a tutorial on NAT-T at the moment. I’m not sure what device you use for Firewall2 but see if it supports NAT-T.
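For readers following the thread, here is how IKEv2 decides that NAT-T is needed, as an added example that is not part of the original posts. It implements the NAT detection hash from RFC 7296 section 2.23; the SPI value and the documentation-range addresses are constructed for illustration.

```python
import hashlib
import ipaddress
import struct

def nat_detection_hash(spi_i: bytes, spi_r: bytes, ip: str, port: int) -> bytes:
    """SHA-1 over SPIi | SPIr | IP | port, as carried in the
    NAT_DETECTION_SOURCE_IP / NAT_DETECTION_DESTINATION_IP notifies."""
    if len(spi_i) != 8 or len(spi_r) != 8:
        raise ValueError("IKE SPIs are 8 bytes each")
    addr = ipaddress.ip_address(ip).packed
    return hashlib.sha1(spi_i + spi_r + addr + struct.pack("!H", port)).digest()

# Constructed sample values (not from the thread).
SPI_I = bytes.fromhex("0102030405060708")
SPI_R = bytes(8)  # responder SPI is zero in the first IKE_SA_INIT request

def responder_view(sent_src, sent_dst, seen_src, seen_dst):
    """Compare the hashes the initiator put in the packet with hashes of the
    addresses the responder actually sees on the wire."""
    src_hash = nat_detection_hash(SPI_I, SPI_R, *sent_src)
    dst_hash = nat_detection_hash(SPI_I, SPI_R, *sent_dst)
    peer_nat = src_hash != nat_detection_hash(SPI_I, SPI_R, *seen_src)
    local_nat = dst_hash != nat_detection_hash(SPI_I, SPI_R, *seen_dst)
    nat = peer_nat or local_nat
    return {
        "peer_behind_nat": peer_nat,
        "local_behind_nat": local_nat,
        # With NAT detected, IKE moves to UDP 4500 and ESP is wrapped in UDP.
        "ike_port": 4500 if nat else 500,
        "esp": "udp-encapsulated" if nat else "native",
    }

INNER = ("192.168.1.10", 500)   # inner firewall's private WAN address
OUTER = ("198.51.100.7", 500)   # public address on the upstream firewall
CLOUD = ("203.0.113.20", 500)   # remote VPN gateway

# Inner firewall sits behind the upstream NAT: source is rewritten in transit.
behind_nat = responder_view(INNER, CLOUD, OUTER, CLOUD)
# Same device holding the public address itself: nothing is rewritten.
direct = responder_view(OUTER, CLOUD, OUTER, CLOUD)

if __name__ == "__main__":
    print("behind NAT:", behind_nat)
    print("direct:    ", direct)
```

In the NAT case the tunnel traffic between the two firewalls is UDP on ports 500 and 4500, which is what the upstream device has to pass to the inner one.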