Score:0

Is it possible to get a cloud server connected via IPsec tunnel to one gateway, that then passes it to another via LAN?


Odd situation but I'm trying to get something that works with certain products. Here are the components in this scenario:

  • Virtual Machine in cloud, connected to a SonicWall gateway ("Cloud Gateway")
  • Local gateway at customer office with full gateway capabilities ("Local Gateway")
  • Odd gateway at customer office ("Odd Gateway") that uses technology similar to ZeroTier to connect any devices on its single LAN, to any other devices connected to these products across the globe owned by the same customer. Basic gateway functionality. No standard VPN tunnel support.

Customer likes the Odd Gateway product. However, the Odd Gateway product doesn't have an easy solution for getting something like a cloud server connected to it. It requires you to plug physical NICs into it via Ethernet/switches. It has a configurable local LAN with optional DHCP server. Any devices identified on this LAN are connected to any devices on other Odd Gateways around the world, using nothing but an outbound WAN connection. Customer has a simple interface for managing these connections.

Is there a way that I can get silly, and introduce a second, regular Local Gateway to the situation, in order to get a cloud server connected to one of these Odd Gateways?

Say they obtain a regular Local Gateway, and connect it directly to the Odd Gateway. Both gateways could have dedicated WAN connections.

Is it possible to use the WAN interface on the Local Gateway to establish a site-to-site IPsec tunnel with the Cloud Gateway, obtaining access to the cloud server, and then forward the cloud server's traffic over another interface that is connected to the LAN of the Odd Gateway?

The Odd Gateway only cares that it can identify a device on the same subnet as its LAN.

I keep trying to think of how this might work but my brain ends up in knots. I think it might be impossible, but then I wonder with some combination of static routes and NAT if I could actually get it to work. Or perhaps there is another networking concept I'm unfamiliar with that would be utilized for this.

Anyhow, I appreciate any help on this and can gladly provide more info if necessary.

Abu Zaid
Can you draw a diagram of what you have and what you are trying to do? Also, providing the make and model of the devices will help.