Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 551 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PBVPN / RBVPN

Manish Chawda

Hi,

Why MASQ is required to w.r.t PBVPN / RBVPN to configured in SNAT ?

To my understanding is that if I am connecting IPSEC of type mentioned, the packet does not required to be changed (MASKED) since the packet is on IPSEC S2S. My thinking is that if it would have to in internet then it would might require MASQ but in these case ?

Also many a times I have faced a question that NAT rule is only configured if there are more then 1 network, is it ? For single network NAT rule not required to  be configured.

Please explain.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to LuCar Toni

    I have created PBVPN / RBVPN, in both cases if I do not configure NAT rules with MASQ then not able to access resources

    Please help me to make it understand logically with examples if possible

  • +1 in reply to Manish Chawda

    Hello Manish,

    As Luca mentioned, it would depend on your deployment, usually, when people use NAT within the tunnel is either their subnets are overlapping with the other site, or the other site just wants to see the traffic arriving at it with a specific subnet.

    In most cases where you use Masquerading, it means the endpoint (receiving the Ping) only replies to packets within its same subnet.

    Regards,