@viragomann
Thank you for your response — I really appreciate you taking the time to help.
However, I’ve already tested the exact scenario you're suggesting. Unfortunately, it didn’t work in my case. What I’m specifically looking for is feedback from someone who has successfully implemented Source NAT in a setup that matches my parameters, particularly:
- Site-A to Central-PF using IKEv2
- Central-PF to Site-B using IKEv1
- NAT at Central-PF, where Site-A is NATed to Central’s LAN IP before forwarding to Site-B
I’m aware that when both IPsec tunnels use IKEv2, NAT works fine and there’s no need to configure BINAT or additional Phase 2 entries. However, in my situation — with mixed IKE versions — the NAT rule doesn’t appear to work as expected.
If anyone has resolved this exact case or has real-world experience with this specific type of mixed IKE/IPsec/NAT scenario, I would greatly appreciate your insights.
Thanks again!