Home/Support/Support Forum/does anyone know how to NAT on a IX20
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

does anyone know how to NAT on a IX20

0 votes
I want to know if it's possible to configure source NAT over VPN in a Site to Site?

I need to NAT a network that already exists in my destination
asked Apr 19 in Digi Remote Manager by Ernesto New to the Community (0 points)

Please log in or register to answer this question.

1 Answer

0 votes
You need to use custom firewall rules and create a Netmap.

iptables -t nat -I PREROUTING -i ipsec_VPN -d 10.255.127.0/24 -j NETMAP --to 192.168.0.0/24
iptables -t nat -I POSTROUTING -o ipsec_VPN -s 192.168.0.0/24 -j NETMAP --to 10.255.127.0/24

In the above example, 10.255.127.0/24 is my logical local vpn subnet and 192.168.0.0/24 is my physical ethernet subnet. ipsec_VPN needs to be ipsec_ and the name of the tunnel you have created. There was a bug where ipsec tunnel names couldn't be more than 8 characters so keep it simple.


Nicholas Wilson
Your IoT
https://www.YourIoT.com.au
answered Apr 19 by NicholasYourIoT Seasoned Professional (227 points)
...