NAT via VPN Tunnel to next site and un NAT to Internet
Hi All,
I need some help from anyone who has an idea for my request: NAT an external IP to an internal IP and send it via a VPN tunnel to the next site for Internet access.
In my situation, site A has network devices that require access to an external IP, but Internet access is blocked by the local ISP. Anyway, I have a second interface, a site-to-site VPN from site A (IP 192.168.44.1/24) to site B (IP 192.168.10.1).
The network device on site A is configured to access the external IP 3.x.x.x over the Internet.
So, how can I NAT the destination external IP 3.x.x.x to 192.168.10.50 (IP at site B) via the VPN tunnel to site B?
On site B, NAT from 192.168.10.50 back to 3.x.x.x?
Internal Network Device >> 3.x.x.x >> NAT to 192.168.10.50 >> VPN Site A to Site B >> NAT back from 192.168.10.50 to 3.x.x.x >> Internal device site A will send data to 3.x.x.x via site B
I apologize for not being an expert in the English language.
Thanks.
- Labels: FortiGate
I don't think there's a specific name for it, most VPN forms just put a note/caveat stating all traffic must be NAT'd to unique non-RFC1918 addressing.
Hi @Prik,
Why do we need to NAT? You can create a static route for 3.x.x.x to go through the VPN tunnel and add 3.x.x.x to phase2 selectors and firewall policy on both sides.
Regards,
Hi Hbac,
Thank you for your reply. I have a 3rd-party WAN provider firewall before the next site, and they allow only internal IPs through it. So I need to NAT the destination to an internal IP, pass it through the VPN tunnel to the next site, and then NAT it back to the external IP.
If you have another idea, please share it with me.
Thank you.
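
The double destination NAT described in this thread, as an added FortiOS CLI sketch that is not part of any post: a VIP on site A rewrites the external destination to 192.168.10.50 before the tunnel, and a VIP on site B rewrites it back before the traffic leaves for the Internet. The interface names (`internal`, `vpn-to-siteB`, `vpn-to-siteA`, `wan1`), object and policy names, and the 192.168.44.0/24 site A subnet are assumptions, and `<EXT_IP>` is a placeholder for the 3.x.x.x address the thread elides.

```fortios
# --- Site A FortiGate (interface and object names are assumed) ---
# DNAT: traffic arriving from the LAN for <EXT_IP> is rewritten to 192.168.10.50
config firewall vip
    edit "ext-via-siteB"
        set extintf "internal"
        set extip <EXT_IP>
        set mappedip "192.168.10.50"
    next
end
# No source NAT here, so the third-party firewall sees only internal addresses
config firewall policy
    edit 0
        set name "lan-to-siteB-dnat"
        set srcintf "internal"
        set dstintf "vpn-to-siteB"
        set srcaddr "all"
        set dstaddr "ext-via-siteB"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end

# --- Site B FortiGate ---
config firewall address
    edit "siteA-lan"
        set subnet 192.168.44.0 255.255.255.0
    next
end
# DNAT back: 192.168.10.50 arriving from the tunnel becomes <EXT_IP> again
config firewall vip
    edit "siteB-to-ext"
        set extintf "vpn-to-siteA"
        set extip 192.168.10.50
        set mappedip "<EXT_IP>"
    next
end
# Source NAT on the way out so replies return to site B's WAN address
config firewall policy
    edit 0
        set name "siteA-to-internet"
        set srcintf "vpn-to-siteA"
        set dstintf "wan1"
        set srcaddr "siteA-lan"
        set dstaddr "siteB-to-ext"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end
```

For this to work, 192.168.10.50 must not be assigned to a real host at site B, and the phase 2 selectors and routing on both sides must cover 192.168.44.0/24 to 192.168.10.50. Narrow `srcaddr` and `service` on both policies to the devices and ports that actually need the external host.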