I am coming from a Cisco firewall background so hopefully this makes sense.
I have a number of site-to-site VPN tunnels where the local LAN is 172.16.1.0/24. For just one of those tunnels I need to present just one IP, 172.16.1.10, to the remote end, but it needs translating to a different IP, e.g. 172.16.22.10. This NAT should only affect this tunnel and nothing else. The remote end is a Cisco firewall.
The connection is initiated from the Cisco end to the 172.16.22.10 IP.
I have got the VPN tunnel up and running using this guide - https://community.sophos.com/kb/en-us/123356 and if I ping from the Sophos end I can ping a host behind the Cisco firewall. But what I can't do is ping 172.16.22.10 from the Cisco end.
If this was a Cisco firewall I would create a static policy NAT statement for the 172.16.22.10 IP so in effect the 172.16.1.10 IP is only translated to the 172.16.22.10 IP for this specific tunnel.
So my question is, should what I am trying to do work using the above document or do I need to create a static policy NAT statement on the Sophos and then use that in the VPN setup?
Many thanks