Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hello,
I' trying to configure "Nat Settings" (see image for example) inside the configuration of a Site_to_site ipsec vpn.
I have two separated subet in my network 192.168.1.x/24 and 192.168.21.x/24 and I would like that both subnet, inside the vpn, are NATed to 192.168.129.x/24 (Local_NATed_LAN).
It works only using subnet with same cidr range (for example 192.168.1.0 /24 NATed with 192.168.129.0/24). If I try using 192.168.0.0/16 as SF1_LAN (to include both subnets) nothing works.
Is it the right behaviour?
Thanks
While configuring the NAT (in IPsec config), when mouse pointed on Network Address Translation (NAT), a pop-up is seen saying that subnet should be same for original and translated networks.
Differing original and translated subnets will result in data traffic dropped by firewall.
Ensure to have either same subnets for original and translated or keep individual subnets (not the summarized ones) and have two different NAT translations one for each subnet.
