Can I implement ProxyClient with the Client located in Public Network and the ADN/ProxyClient Concentrator located in Private Network?

FAQ ID:    FAQ1363
Version:    2.0
Status:    Published
Published date:    05/09/2011
Updated:    05/26/2011


A public IP address is required on the ADN/ProxyClient Concentrator to make this set up work, as the ADN/ProxyClient Concentrator will use that IP on itself to broadcast the Explicit ADN route to another ADN peer, including the ProxyClient.

In a scenario where the ADN/ProxyClient Concentrator only has a private network IP address and the Client is located on a Public Network, the ADN/ProxyClient Concentrator will broadcast a private network and the Client on the Public network has no way of establishing an Explicit ADN tunnel to the ADN/ProxyClient Concentrator IP.

However there is an option to implement this, but it only works if there is no other ADN peer in the internal network. The changes need to be done on the Concentrator for the ProxyClient traffic .

The Firewall which faces the Public Network needs to NAT the "Proxy" Public IP to the Proxy Internal IP.

On the ProxyClient Concentrator

  1. In the ProxySG Web Management Console select Configuration > ADN > Tunneling > Load Balancing > Explicit > External VIP. 
  2. Specify the public IP on the router which will be NATed back to the Concentrator located in internal network.



Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question