Is it possible to create a NAT policy so that it uses the IP address of port #1 (LAN Zone) of the remote device as the MASQ address?
We have a client with around 28 remote offices. They are all connected by IPsec site-to-site, but only office LANs are allowed to connect.
That being said, all these offices have a wireless router (WIFI Zone) connected to Port #4 with a different network IP address than the LAN.
The VPN only knows about the LAN network (LAN Zone) to prevent mobiles from connecting to the main office networks.
To get these phones to connect, we create a NAT rule so that it uses the LAN to reach the remote network. But there are many devices and configuring this manually is uphill.
This NAT only has the remote server and remote port, with the MASQ using the Port #1 IP.