This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSEC 1:1 Nat with overlapping networks

Hi Peoples

with new utm 9 there is newly support for 1:1 Nat but no description.
We have a new client side which has the same network like HQ see below. We have no direct access to Clientside Firewall.

HQ Side Lan:
10.0.0.0/24 Public IP (IPSEC)
Client side Lan
10.0.0.0/24 Public IP (IPSEC)

I would like to nat the Client on HQ side to something like 192.168.99.0/24
it is no solution to do the nat (DNAT/SNAT) for every single host, because we have about 80 Clients/Server on each network.

Thx & Regards

This thread was automatically locked due to age.

0 BAlfson over 13 years ago

Hi, dwittwer, and welcome to the User BB!

I don't think there's a way to solve this if the other end of the VPN can't/won't make changes on their end, too.

How to tunnel between two ASGs having the same LAN network range
If you try this with two 1:1 NAT rules (Map Destination and Map Source) in place of the DNAT and SNAT rules in step 2, please report your results here.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel