I am struggling with routing external incoming traffic that is coming from the External Interface via a VPN tunnel.
The traffic flow should be:
External IP --> External GW published IP --> Static NAT to internal dst IP --> VPN Tunnel --> dst
To explain briefly: incoming traffic from the external IP is hitting the GW published IP (via Proxy ARP) and is NATed to an internal address, which should be routed via the VPN.
I added the External IP address to the VPN domain, but the traffic is still not routed over the VPN and instead goes back out via the external interface.
There is a static NAT to translate the external dst IP address to the Internal dst IP address, which should go to the VPN:
External IP --> External GW IP
External IP --> Internal dst IP
However, the traffic goes back via the External Interface.
Any SK or an idea how to tackle this issue?