Destination NAT for Route base VPN
cancel
Showing results for 
Search instead for 
Did you mean: 

Destination NAT for Route base VPN

L0 Member

We have an requirement to set up a route base VPN, but remote proxy IP subnet clash with an existing remote subnet.

 

We are planning to use destination NAT, but not sure, how the routing will be controlled.

 

Please help to solve this problem.

1 REPLY 1

L7 Applicator

will the remote end participate in fixing the overlap? you could SNAT  to a fictitious subnet on the tunnel and have the remote do DNAT for the incoming packets

your end would be connecting TO fictitious IPs and be source NATed inside that same fictitious subnet (you can attch it to the tunnel interface for ease of use)

the remote would be receiving connections to/from a fictitious subnet they'd need to destination nat to the appropriate servers

 

else you'll want to look into policy based forwarding as regular routing is applied after NAT and DNAT will be an issue in this case

Tom Piens
Like my answer? check out my book! https://bit.ly/MasteringPAN
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!