Does anyone know if it is possible to NAT over an IPSEC VPN without assigning an IP address on the tunnel interface itself?
I tried but it doesn't seem possible.
you can try adding a loopback interface in the same zone as the vpn interface, then create a nat rule using dynamic ip+port and nat sourced from the loopback
depending on your remote peer you may need to account for this by using proxy-IDs
hope this helps
If you want to configure a NAT rule you should be having an ip address on the interface either statically or assisgned via DHCP
Else that will be a Not nat rule for the traffic
Are you trying to use tunnel interface in NAT rule ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!