Bidirectional NAT through IPSEC tunnel.
I am struggling to create the config so the traffic from the other side of the VPN tunnel is not reaching my server.
I have established phase 1 and phase 2 of an IPsec tunnel - site-to-site.
Inside the encryption domain of phase 2 I use a public IP as the local network, because the other side can only allow public IPs.
So in the policy config (lan -to- vpn interface ph1) I have enabled NAT with an IP pool, which is that NATed public IP in the encryption domain.
When I try to reach the other side there is no problem, but when they try to telnet to me the traffic goes through the tunnel but doesn't reach my server.
I guess I have to make some NAT in the policy (vpn interface ph1 -to- lan), and I tried, but it doesn't work.
I have a static route for the site 2 network with outgoing interface - vpn ph1.
I have policy rules for inbound and outbound traffic, and only outbound is working.
VPN tunnel is established and there is traffic going in and out, but from the other side packets cannot reach my server.
Thanks in advance!
post edited by mladen85 - 2020/08/07 00:57:13