site to site vpn with NAT pool as source ?

Hi,

if we have private ip addressing on WAN interface and using NAT for internet access, how to use this setup for site to site ipsec vpn ?

thanks.

New Member

Just define a nat pool source and apply nat and the pool on the fwpolicy. Ensure the "nat-src" is in your vpn local-subnet between the IPSEC peers.

( e.g cli config options for the fwpolicies )

config firewall policy

edit 66666666

set nat enable

set ippool enable

set poolname "vpnsrcnatpooltobankxyzl"

end

poolname "vpnsrcnatpooltobankxyzl" would be the SNAT pool that your clients would be masked behind.

Ken

Sign up