This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-Site IPSec VPN with SNAT

Hi all,

I need to configure a Site-to-Site IPSec VPN with SNAT, I mean the source network must be natted to single IP address before enter in VPN connection.

I created a SNAT rule with:
Source Private Network ---> Any ----> Remote Private Network
Source Translation: 192.168.200.1
Advanced Option "Rule applies to IPSec packets" enable

My question is: in "Site-to-Site IPSec VPN" Connections, what do I have to configure as "Local Networks"? The "Source Private Network" or 192.168.200.1 or both?

Best Regard,
Stefano

This thread was automatically locked due to age.

Parents

0 BAlfson over 12 years ago

Hi, Stefano,

Here's an article that will help you to understand what you need to do: How to tunnel between two ASGs having the same LAN network range

So, the answer is only 192.168.200.1 in 'Local networks' for your side.

I haven't used 'Rule applies to IPSec packets' yet, so it's not clear to me that you want to select that. Please let us know if it works either or both ways.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 12 years ago

Hi, Stefano,

Here's an article that will help you to understand what you need to do: How to tunnel between two ASGs having the same LAN network range

So, the answer is only 192.168.200.1 in 'Local networks' for your side.

I haven't used 'Rule applies to IPSec packets' yet, so it's not clear to me that you want to select that. Please let us know if it works either or both ways.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data