
Nat rule over tunnel/community


Hi. I'm trying to redirect traffic going out a gateway. I want to change the traffic flow from:

host_a (port 443) -> checkpoint_gateway -> internet -> public ip on host_b


host_a (port 443) -> checkpoint_gateway -> nat from public ip on host_b to private ip on host_b -> s2s ipsec tunnel -> private ip on host_b

The tunnel works fine for normal traffic flow over the tunnel and all the security domains are defined properly. There are rules in the policy that the traffic should hit to go over the tunnel. When I try to create a NAT rule to change the public IP to the private IP of host_b, the traffic is allowed and I see the translation, but it doesn't get encrypted. It's also skipping my tunnel rule and hitting my default outbound rule at the bottom. What am I missing in my NAT rule to get this traffic flow working?



