Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Chonyi
Participant
Jump to solution

Site-To-Site VPN with NAT on localy managed SMB device

Hello,

Im having issue with hide nat on localy managed 1200R. I need traffic to have hide NATed source and than enter the tunnel. What happens is that traffic is being NATed but then it just exits wan port without entering the tunnel.

Any ideas how to get this sorted? 

 

Thank you.

0 Kudos
1 Solution

Accepted Solutions
Chonyi
Participant

I finnaly got this working.

There are few requirements that need to be fulfilled in order for source NAT to function inside a tunnel.

Both original and NAT source need to be part of local encryption domain.

Policy rule allowing original source network to communicate with remote destination network should be defined in outgoing and incoming rules.

In VPN settings>Advanced tab disable NAT for this site shouldn't be checked.

NAT rules should be defined appropriately.

 

Cheers!

 

 

 

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Did you uncheck Disable NAT for this site?

Screen Shot 2019-07-19 at 2.24.28 PM.png

Chonyi
Participant
I have tried both ways, everytime I see NATed packets on WAN port without encryption.
0 Kudos
Chonyi
Participant

I finnaly got this working.

There are few requirements that need to be fulfilled in order for source NAT to function inside a tunnel.

Both original and NAT source need to be part of local encryption domain.

Policy rule allowing original source network to communicate with remote destination network should be defined in outgoing and incoming rules.

In VPN settings>Advanced tab disable NAT for this site shouldn't be checked.

NAT rules should be defined appropriately.

 

Cheers!

 

 

 

0 Kudos
Pedro_Espindola
Advisor

Did you add the translated range (after NAT) to your local encryption domain?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events