
SNAT over IPSec --> No traffic through IPSec Tunnel

Hello everyone,

I have a question regarding SNAT over an IPSec Tunnel. We have the following configuration:

 

Local subnet:

10.248.178.xxx/32 --> NAT: All our communication has to go through this IP.

Remote subnet:

195.200.xxx.1/24

The tunnel initiates and the SAs are online.

It's working if I do a 1:1 NAT.

But we have to do the following:

All our networks (not just 1) must use an IP of the local subnet if they want to communicate with the remote subnet. We've built a firewall rule with masquerading (e.g. used IP = 10.248.178.xxx).

This does not seem to work. The traceroute is telling us the packets won't go through the tunnel, but the route lookup is recognizing that the IP we are trying to communicate with is behind an IPsec tunnel.

 

Can you help me with finding a solution to this problem?



This thread was automatically locked due to age.
  • Just to refresh this topic: 

    XGv18 supports a SNAT within the IPsec Tunnel. 

    Simply use a custom object, not MASQ in the NAT Rule. 
