Forum Discussion
dennypayne
May 09, 2008Employee
The only way I've been able to get that to work is by allowing IP forwarding to the network behind the LC from one of the links so that a direct connection can be made to the VPN termination IP. That means that a) the backend network probably has to be publicly routeable and b) the VPN tunnel is confined to one link and won't be able to fail over to any other links.
I have frequently heard that there are VPN setups that can work even when NAT'ed but I have yet to see one actually working in the wild.
Denny