IPSec tunnel with overlapping subnets on both sides of the tunnel


I have a client that has a server in the range which overlaps with my network.

We are trying to NAT a single IP ( to a single IP ( on the other end.

I have created SNAT and DNAT rules for sending/receiving packets but I am not able to send any traffic through the tunnel.

The only guides I am seeing are for 1:1 NAT of a whole range and not a single IP.

I have used "Sophos UTM: Configure a tunnel between two UTMs that use the same LAN range" as a baseline, but instead of 1:1 NAT I have a set of SNAT/DNAT rules.

The remote end tech has only done an SNAT for their traffic so far.

The firewall on the remote end is not a Sophos. I am also not able to see any traffic on the firewall log for ping, but a tracert does stop at the firewall and then Unreachable.

Any thoughts would be great. Thank you in advance.


[edited by: Nick Massin at 4:53 PM (GMT -7) on 28 Jul 2022]
