A company is located in an office building. A remote user of the company attempts to access the company intranet through the SVN3000 VPN access network gateway. The building has only one public network egress, and the company intranet has no public IP address.
The company has no public IP address, and connects the SVN3000 to the firewall at the intranet egress. The company needs to apply for a public IP address and use it for the virtual IP address mapping of the SVN3000 and as the intranet egress.
The customer wants to implement SSL VPN remote access based on the live network. The solution is as follows:
Perform NAT server mapping for the virtual IP address on the firewall at the intranet egress. Perform NAT server mapping for the IP address of the intranet egress on the firewall at the network egress of the office building. The mapping needs ports 8443 and 443. After the mapping, the extranet user can log in to the SVN3000 and access the intranet.
The company uses the SVN3000 as the VPN access gateway and requires a public IP address for remote dial-up.