Hello everyone,
I have a question regarding SNAT over an IPSec Tunnel. We have the following configuration:
Local subnet:
10.248.178.xxx/32 --> NAT: All our communication has to go through this ip.
Remote subnet:
195.200.xxx.1/24
The tunnel initiates and the SAs are online.
It's working if I do a 1:1 NAT.
But we have to do the following:
All our networks (not just 1) must use an IP of the local subnet if they want to communicate with the remote subnet. We've built a firewall rule with masquerading (e.g. used IP = 10.248.178.xxx).
This does not seem to work. The traceroute is telling us the packages won't go through the tunnel, but the route lookup is recognizing that the IP we are trying to communicate with is behind an IPSec tunnel.
Can you help me with finding a solution to this problem?