How can I configure different encryption domain ? [SOLVED]

  • Hello all,
    I don't know how to configure this situation on my IPSEC.

    I have a local network ( and my customer has their local network (, but they want to configure in other encryption domain ( and don't mine.
    here the example..

    CUSTOMER'S SERVICE____ENCRYPTION DOMAIN_________REMOTE CUSTOMER ---------------------- -> > IPSEC ---->

    How can I configure that ? Do I need use NAT/BINAT ? If yes How ?
    Thank you.

  • I fixed it..

    I put on IPSEC PHASE 2 > NAT BINAT IP 192.168.0.x/32 and LOCAL NETWORK and REMOTE NETWORK

    and then I made NAT 1:1 > 10.0.0.x > INTERNAL IP > and made the rules on INTERFACES IPSEC and LAN.
    thank you.

Log in to reply