I have a client that has a server in the 10.0.0.0/8 range which overlaps with my 10.10.247.0/28 network.
We are trying to NAT a single IP (192.168.247.2/32) to a single IP (192.168.247.10/32) on the other end.
I have created SNAT and DNAT rules for sending/receiving packets but I am not able to send any traffic through the tunnel.
The only guides I am seeing are for 1:1 NAT of a whole range and not a single IP.
I have used "Sophos UTM: Configure a tunnel between two UTMs that use the same LAN range" as a baseline, but instead of 1:1 NAT I have a set of SNAT/DNAT rules.
The remote end tech has only done an SNAT for their traffic so far.
The firewall on the remote end is not a Sophos. I also am not able to see any traffic on the Firewall log for ping, but a tracert does stop at the firewall and then Unreachable.
Any thoughts would be great. Thank you in advance.
Very close, Nick!
Best practice is to not change the Service if it remains the same (see #5 in Rulz (last updated 2021-02-16)). That lets you use single NATs and DNATs with a Services Group or just the…