New Member
Posts: 17
Registered: ‎06-20-2014

Setting up GRE tunnel or IPSEC from behind NAT to a Juniper SRX

Hi,


I have a Juniper SRX in the data center on a public IP. I have my EdgeMax device that is BEHIND NAT and I want to create a tunnel to my SRX device. I have set up dynamic VPN accounts on it. My goal is to set up this device as a CPE where the customer would have this device plugged in to their network and I can give them a public /27 that they can then use as if they are corrected directly to me in the DC.

 

TIA.

 

Dovid

 

Ubiquiti Employee
Posts: 2,991
Registered: ‎02-04-2013
Kudos: 354
Solutions: 289

Re: Setting up GRE tunnel or IPSEC from behind NAT to a Juniper SRX

[ Edited ]

If you meant IPSec, you can start with http://wiki.ubnt.com/IPSec_VPN_-_CLI_Commands#IPSec_with_NAT-T

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5479
Solutions: 1656
Contributions: 2

Re: Setting up GRE tunnel or IPSEC from behind NAT to a Juniper SRX

Could you clarify if IPsec (encryption etc.) is required or if you just need GRE tunnel? Also it sounds like you want to do layer-2 GRE with bridging?

Highlighted
New Member
Posts: 17
Registered: ‎06-20-2014

Re: Setting up GRE tunnel or IPSEC from behind NAT to a Juniper SRX

UBNT-Arthur:

 

I wasnt the opposite config for R2. I want to put a public IP on the LAN side and on the WAN side it will have an IP that it gets from a DHCP server. I am looking to do something like this:

graph.JPG

 

My goal is be a virtual ISP for clients that are in a location with internet from sone one else

 

Over all I am looking for layer2. GRE would be fine however you need to be on a public IP for it to work and the device is behind NAT.