
IPSEC with SNAT problem

Hi, I have successfully set up an IPSEC VPN tunnel to a counter-party. However, they see my local IP address when I connect to one of their servers from my desktop (192.168.x.y). Since this will only work when they see me with our public IP, I have set up a SNAT rule, which I also see being applied in the live log of the Firewall (create firewall rules automatically set). However, the other party says they don't see any packets from our end with NAT enabled. What am I doing wrong here?



This thread was automatically locked due to age.
  • Hi Simon - It's not clear whether this is a site-to-site tunnel or a Remote Access connection (not possible, I think). For a site-to-site, put "External (Address)" into 'Local Networks', DO NOT select 'Strict routing' and then, using Tim's subnet examples:

    Traffic Selector: 192.168.0.0/24 -> ANY -> 192.168.1.0/24
    Source Translation: External (Address)

    The other end must be correctly configured to see the IP of your "External (Address)" as your LAN. From your description, I guess that it is.

    Cheers - Bob
  • Hi Bob/All

    Thanks a ton for your help, adding the external into local networks actually solved the issue (it's a site-to-site tunnel). Additionally, turning on the logging for the auto-generated rule did help to track the issue.
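
Why adding "External (Address)" to 'Local Networks' fixed the tunnel, as an added example that is not from any poster in this thread: a small model of SNAT followed by IPsec traffic-selector matching. It assumes source translation runs before the selector lookup, and 203.0.113.10 and the two host addresses are constructed placeholders.

```python
from ipaddress import ip_address, ip_network

# Constructed sample values: 203.0.113.10 stands in for "External (Address)".
EXTERNAL = ip_address("203.0.113.10")
LAN = ip_network("192.168.0.0/24")      # subnet from the thread
REMOTE = ip_network("192.168.1.0/24")   # subnet from the thread


def snat(src, dst):
    """Apply the thread's SNAT rule: 192.168.0.0/24 -> ANY -> 192.168.1.0/24."""
    if src in LAN and dst in REMOTE:
        return EXTERNAL, dst
    return src, dst


def in_tunnel(src, dst, local_networks, remote_networks):
    """A packet is encrypted only if it matches a (local, remote) selector pair."""
    return any(src in net for net in local_networks) and any(
        dst in net for net in remote_networks
    )


def trace(src, dst, local_networks, remote_networks=(REMOTE,)):
    """Return (source the peer would see, whether the packet enters the tunnel)."""
    src, dst = ip_address(src), ip_address(dst)
    # Assumption: source translation happens before the IPsec selector lookup.
    nat_src, nat_dst = snat(src, dst)
    return str(nat_src), in_tunnel(nat_src, nat_dst, local_networks, remote_networks)


if __name__ == "__main__":
    host, server = "192.168.0.25", "192.168.1.80"  # constructed hosts
    external_net = ip_network(f"{EXTERNAL}/32")
    # Before the fix: only the LAN is listed, so the translated packet
    # matches no selector and never reaches the peer through the tunnel.
    print("LAN only:      ", trace(host, server, [LAN]))
    # After the fix: External (Address) is in 'Local Networks'.
    print("LAN + External:", trace(host, server, [LAN, external_net]))
```

The "LAN only" case matches the original symptom: the SNAT rule shows as applied in the firewall log, yet the peer sees no packets because the translated source is outside the tunnel's local networks.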