Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3289 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-Site IPSec VPN with SNAT

Lioness
Hi all,

I need to configure a Site-to-Site IPSec VPN with SNAT, I mean the source network must be natted to single IP address before enter in VPN connection.

I created a SNAT rule with:
Source Private Network ---> Any ----> Remote Private Network
Source Translation: 192.168.200.1
Advanced Option "Rule applies to IPSec packets" enable

My question is: in "Site-to-Site IPSec VPN" Connections, what do I have to configure as "Local Networks"? The "Source Private Network" or 192.168.200.1 or both?

Best Regard,
Stefano


This thread was automatically locked due to age.
Parents
  • 0
    Hi, Stefano,

    Here's an article that will help you to understand what you need to do: How to tunnel between two ASGs having the same LAN network range

    So, the answer is only 192.168.200.1 in 'Local networks' for your side.

    I haven't used 'Rule applies to IPSec packets' yet, so it's not clear to me that you want to select that.  Please let us know if it works either or both ways.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi, Stefano,

    Here's an article that will help you to understand what you need to do: How to tunnel between two ASGs having the same LAN network range

    So, the answer is only 192.168.200.1 in 'Local networks' for your side.

    I haven't used 'Rule applies to IPSec packets' yet, so it's not clear to me that you want to select that.  Please let us know if it works either or both ways.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML