Hi,
I have a good established RED setup for a few remote sites that are under our control and all use Unified/Standard mode, and we extend our LAN address space out to those, with DHCP relayed from the main site. This works well.
However, I have a new requirement where I need to install a RED in a remote network that I don't control, with the specific purpose of getting a single URL back to our HQ via the RED, and the rest of the remote network being untouched.
Transparent/Split mode is what I need. I think!
I have the required traffic tunneling down the RED, and can see it in the firewall log. I am not doing anything clever with split DNS or anything; my URL resolves to a public IP, and that public IP is what is tunnelled.
As I'm using a public IP, I want to at the least DNAT the traffic so when it hits the UTM the public IP is translated to the real webserver IP. What I notice in the logs is that the source IP of the traffic is what the PC on the RED has picked up from the remote network (192.168.1.0/24), that's fine. What I want to do is NAT the source of that traffic on the UTM to be the UTM's LAN side interface so that my real webserver. I tried this using a Full NAT, as well as a combination of both a DNAT and SNAT and I can't seem to get the source of the traffic to NAT. I need this for 2 reasons.
1. I don't want to have individual routes for remote 192.168.x.0/24 networks on my corporate LAN
2. If I did want to do number 1, I can't guarantee that the remote sites (which I don't control) won't have overlapping IP ranges, and I can't touch these.
I have no interfaces configured on my UTM that are bound to the RED, as I am not sure I need them. I don't want any other access to the PCs at the remote site as they are not mine. Perhaps this is where I am going wrong?
I'm getting to the stage where I am going round in circles so any help would be much appreciated.
Thanks.