How to NAT subnet class B to class C through IPSec VPN

Hi Samuel Tjen,

Thank you for reaching out to Sophos Community.

Moving this thread to Sophos(XG) firewall discussion.

As per the network diagram, B side only allows 192.168.99.35/32 subnet. To allow communication between Side A and Side B over IPsec, you'll need to NAT Side A network 172.16.xx.xx/xx with 192.168.99.35/32 subnet.

Refer to the article below to apply NAT over a Site-to-Site IPsec VPN connection.

https://support.sophos.com/support/s/article/KB-000035848

SF1_LAN will be your Side A network

Local_NATed_LAN will be 192.168.99.35/32 subnet

Hi Samuel Tjen,

Thank you for reaching out to Sophos Community.

Moving this thread to Sophos(XG) firewall discussion.

As per the network diagram, B side only allows 192.168.99.35/32 subnet. To allow communication between Side A and Side B over IPsec, you'll need to NAT Side A network 172.16.xx.xx/xx with 192.168.99.35/32 subnet.

Refer to the article below to apply NAT over a Site-to-Site IPsec VPN connection.

https://support.sophos.com/support/s/article/KB-000035848

SF1_LAN will be your Side A network

Local_NATed_LAN will be 192.168.99.35/32 subnet

Hi Yash Kothari,

Still no luck with it

I wonder if I have to do static routing ?

Regards,

Samuel

Could you please share the configuration snapshot here or in PM?