snat
-
Dear
I need to do a snat. I need my vpn ipsec source network translated.
I have my internal network. 192.168.0.0/24 and I need it to arrive at the client with the net ip 172.16.10.0/29.
I configured it in outbound, but I keep sending the ip net192.168.0.0/24 to the client. -
@moisesdasilvadeoliveira
On an IPSec connection this cannot be done with an outbound NAT rule, it must be done in IPSec.I have my internal network. 192.168.0.0/24 and I need it to arrive at the client with the net ip 172.16.10.0/29
But you cannot translate a /24 to a /29 network at all. Either you can translate it to another /24 (same size) or to a single IP.
So I assume you want to translate to a /24 network.Then go into the phase 2 settings. At BINAT select network and enter the translation network, e.g. 172.16.10.0/24.
If both network have the same size the remote site is also able to access your site. E.g. if he enters 172.16.10.10 the packets are forwarded to 192.168.0.10, assumed that you have a firewall rule on IPSec which allows it.
-
@viragomann Thank you very much for your answer and explanation, it worked.