Orbi WiFi 7 RBE973
Reply

NAT within VPN

Elgand
Aspirant

NAT within VPN

Hello,

   Corporate wants to create a VPN connection between their office and our satellite office. The VPN is connecting through stage one, but traffic is not appearing how they want it to appear and thus the VPN is passing stage 2. 

 

  They want to view all traffic from a single IP address. Any traffic that hits the VPN needs to come from 10.198.255.176. I have searched high and low for NAT options and am still unable to complete this setup. I tried entering a secondary address on the WAN1 port of 10.198.255.176 with a subnet of 255.255.255.255 and receive and error that the final octet cannot be 255. I tried 255.255.255.0 and am having no success there either. 

 

  When I try to setup Security - Firewall - LAN WAN rules using the 10.198.255.176/24 address nothing has worked. I'm just using simple internal networking on my side right now, with the gateway being 192.168.1.254 and DHCP addressing 192.168.1.100-254. Is there a way to NAT those internal IP addresses to 10.198.255.176 when they hit a VPN address?

 

Thanks, 

    Josh

Model: FVS336Gv3|ProSafe dual WAN gigabit firewall with SSL and IPSec VPN
Message 1 of 6
JohnC_V
NETGEAR Moderator

Re: NAT within VPN

Hi Elgand,

 

Welcome to our community!

 

As per checking in here that you wanted to set a NAT to the internal IP address so that it can communicate with the VPN address. May I know what kind of VPN setup do you have? Was it a box-to-box or client-to-box VPN?

 

Regards,

Message 2 of 6
Elgand
Aspirant

Re: NAT within VPN

This is a Box to Box VPN. The VPN we have established is via IPsec. 

Message 3 of 6
JohnC_V
NETGEAR Moderator

Re: NAT within VPN

@Elgand,

 

May I know if both ends are using Netgear firewalls? You may try to follow this article in order to work your VPN connection.

 

Regards,

 

Message 4 of 6
Elgand
Aspirant

Re: NAT within VPN

Hello,

   No, both sides are not utilizing Netgear boxes. The other end is our corporate office and they are using Check Point NGX R77.30 Model 23500.

 

   We requested a subnet and are going that route rather than using a NAT'd address to enter the tunnel. All of my searching has resulted in no concrete answer on whether this is even possible with the FVS336Gv3. 

Message 5 of 6
JohnC_V
NETGEAR Moderator

Re: NAT within VPN

 

Elgand,

 

It is not possible to create a VPN connection using a NAT'd address on a FVS336Gv3, as it cannot find the NAT'd address on a public network without the WAN IP.

 

Regards,

Message 6 of 6
Discussion stats
  • 5 replies
  • 1621 views
  • 0 kudos
  • 2 in conversation
Announcements