
NAT issue with site to site VPN configuration


Hi Everyone with encryption domain

I am facing an issue with the Site to Site VPN encryption domain.

I have created a site-to-site tunnel between Check Point and an Azure VPN gateway.

My firewall is deployed in Azure and my VNet IP pool is, we added the entire subnet in the encryption domain, and the satellite encryption domain is

Our tunnel is up and we are able to access the peer and subnet from my entire VNet subnet.

But we have an issue when any user is coming from the AO VPN subnet, which is using a different subnet ( and we cannot add that subnet in the encryption domain because if we add in this Landing Zone traffic will not communicate with another VNet.

We did hide NAT with one firewall external interface IP pool, so AO VPN traffic will hide with that particular IP.

Below is the NAT statement:

source :-    

DST :-

Translate Src :-


so if src is going to should be translated to is part of encryption domain and should work, 

but after applying the policy, I can see only the SYN packet on the firewall; my communication is not working.

I am suspecting an issue with NAT.

Thank you in advance for your support.






