Goodmorning everyone
in my company the need has arisen to expose services from an IP Sec tunnel to another IP Sec tunnel on the same VSX context.
we have tried to implement a rule with relative rules of NAT that exposes on a ip belonging to the encdom of the source VPN a destination nat source with the segments related to the encdom of the destination VPN, the result is that the traffic coming from the VPN source is successfully decrypted and nattato with the ips belonging to the destination VPN but at this point the traffic despite being nattato on the IPs related to the destination VPN is not encrypted and inserted in the destination Tunnel, I had serious doubts about the operation of these rules but now I'm wondering if it's possible to implement what is required, do you have any suggestions?