Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Iron

Site-To-Site VPN with NAT on localy managed SMB device

Jump to solution

Hello,

Im having issue with hide nat on localy managed 1200R. I need traffic to have hide NATed source and than enter the tunnel. What happens is that traffic is being NATed but then it just exits wan port without entering the tunnel.

Any ideas how to get this sorted? 

 

Thank you.

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Iron

I finnaly got this working.

There are few requirements that need to be fulfilled in order for source NAT to function inside a tunnel.

Both original and NAT source need to be part of local encryption domain.

Policy rule allowing original source network to communicate with remote destination network should be defined in outgoing and incoming rules.

In VPN settings>Advanced tab disable NAT for this site shouldn't be checked.

NAT rules should be defined appropriately.

 

Cheers!

 

 

 

View solution in original post

0 Kudos
4 Replies
Highlighted
Admin
Admin

Did you uncheck Disable NAT for this site?

Screen Shot 2019-07-19 at 2.24.28 PM.png

Highlighted
Iron
I have tried both ways, everytime I see NATed packets on WAN port without encryption.
0 Kudos
Highlighted
Iron

I finnaly got this working.

There are few requirements that need to be fulfilled in order for source NAT to function inside a tunnel.

Both original and NAT source need to be part of local encryption domain.

Policy rule allowing original source network to communicate with remote destination network should be defined in outgoing and incoming rules.

In VPN settings>Advanced tab disable NAT for this site shouldn't be checked.

NAT rules should be defined appropriately.

 

Cheers!

 

 

 

View solution in original post

0 Kudos
Highlighted

Did you add the translated range (after NAT) to your local encryption domain?

0 Kudos