Three sites (1, 2, 3) all running R77.30.
Site2 acts a VPN hub, with both Site1 and Site3 having tunnels (to center only) established to Site2.
We're trying to access Site3 from Site1 with the NAT rule on Site2:
Original Source: 18.104.22.168
Original Destination: 22.214.171.124
Translated Source: 126.96.36.199 (Hide)
Translation Destination: 188.8.131.52 (Hide)
Is this the right way to do it?
The NAT rule works. We see traffic encrypted from 184.108.40.206 to 220.127.116.11, but from 18.104.22.168 to 22.214.171.124, according to the tracker, it's sent in a clear text (just says Accept), although the rule number is correct and it's set to encrypt anything from 126.96.36.199 to 188.8.131.52 using Site2-to-Site3 VPN community.