Reverse NATing traffic kills NATed traffic inside IPSEC tunnel.

Hi all,

I've found a really disturbing bug when you use NATing before an IPSEC tunnel.

The tunnel is UP between two XG 135s on the current latest release (SFOS 16.05.3 MR-3).
I have to do static bidirectional NATing for the remote site range.

I can access the main site from the remote site (Traffic 1) unless I initiate traffic from the main site to the remote site (Traffic 2) via the NATed IP.
After doing this, traffic 1 fails but traffic 2 is still working.
If I reset the tunnel, traffic 1 works again until I launch traffic 2.
On the main site, the traffic is correctly NATed: for traffic 1, 10.66.0.11 has 10.10.20.101 as remote IP.



  • I think I found the problem.
    The LAN of my remote site was a bridge of two interfaces.
    After the deletion, everything seems to be correct. My traffic is not interrupted after starting reverse traffic inside the tunnel.
    I hope this will be fixed in the next version and this thread can help someone with the same problem.
