Netgate Discussion Forum

    Advanced double NAT VPN question

      mode

      Hi,

      I have an IPSEC site-to-site VPN with NAT from the VPN endpoint 192.168.10.0/24 to my LAN 192.168.11.0/24. Works fine!

      Then I have an OpenVPN server in TAP mode. The network here is 192.168.12.0/24.

      The goal is that clients that connect to the OpenVPN VPN can reach the other site of the IPSEC tunnel. This will not work, because the IPSEC NAT expects only clients from net 192.168.11.0/24.

      So I added a second NAT from net 192.168.12.0/24 to address 192.168.11.9/32 when the destination is the IPSEC tunnel.
      This works too. An ICMP ping is NATed from the OpenVPN net into my LAN. From my LAN NATed into the IPSEC endpoint net. Through the tunnel. Then I get a ping response, BUT the way back from 192.168.10.0 to 192.168.11.0 (my LAN) does not work. Why?
      What is the difference between a ping from my LAN network and a ping from a NATed IP in my LAN network? Or do I have to set up any forwards?

      Thanks for any ideas.

      Mode

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.