• Hello together,

    I've got a problem with an IPsec tunnel and NAT. But I'm sure that I am not smart enough to get it running.

    I have an ipsec tunnel with an attached VLAN (an internal address). There is a NAT defined for a computer in another VLAN.
    The incoming path is working fine, the packets are coming in and being forwarded using the NAT.
    BUT, the way back is not working. The answers for the computer behind the NAT are going out, but on the wrong interface (default GW) but using the NAT.
    When I integrate the additional VLAN in the IPsec, the packets are going on the correct IPsec tunnel but without the outgoing NAT.

    So, how do I get NAT and IPSEC running together?

    I did try to change the NAT with 1:1, port forward, outgoing... but no change in the handling.

    Maybe somebody could give me some hints to get this running.



  • Hi ho,

    Some additional info:

    This is the VPN Tunnel Phase 2


    So, I will access the using the as NAT when the traffic is coming from the

    So, the packets are coming in, will get NATted to the correct server, but on the way back, they will not get the outgoing NAT, so the packets are going out using the address which is not known on the other side of the VPN tunnel...


    I have also set up an outgoing NAT, but I think that I normally do not need one, but with or without it, it is not working.


    Maybe someone could tell me my mistake.


