Hi. Im trying to redirect traffic going out a gateway. I want to change the traffic flow from:
host_a (port 443) -> checkpoint_gateway -> internet -> public ip on host_b
to:
host_a (port 443) -> checkpoint_gateway -> nat from public ip on host_b to private ip on host_b -> s2s ipsec tunnel -> private ip on host_b
The tunnel works fine for normal traffic flow over the tunnel and all the security domains are defined properly. There are rules in the policy that the traffic should hit to go over the tunnel. When I try to create a nat rule to change the public ip to the private ip of host_b the traffic is allowed and I see the translation but It doesnt get encrypted. Its also skipping my tunnel rule and hitting my default outbound rule at the bottom. What am I missing in my nat rule to get this traffic flow working?