Hello. We have an internal network with 192.168.1.0/24, a service provider tells us that we have to set up IPSec but he has this network in use. In the end ipsec is working between 192.168.35.0/24 (local network) and 10.10.10.0/24 (provider network).
Now the provider tells us that what we should do on our end is make everything that comes from 10.10.10.10 and goes to 192.168.35.10 translate it to 192.168.1.10. We also have to do the same, but in reverse to have a bidirectional connection.
Is there a way to perform this configuration? Thank you.
everything that comes from 10.10.10.10 and goes to 192.168.35.10 translate it to 192.168.1.10
Thats a simple DNAT-rule.
Source IP: 10.10.10.10
Desination IP: 192.168.30.10
Action: 192.168.1.10
Guscht thanks.
I have created this rule and it seems to work at least I have the ping response.
But no service works, for example if I redirect RDP I get the error “internal error”. Could it be that I am missing a rule from the local network to the provider? I mean, how do I explain to FW that if something from 192.168.1.x has to go to 10.10.10.x it has to go through IPSec, because IPSec is for 192.168.35.x and 10.10.10.x
The IN rule is:
Source IP: 10.10.10.10
IP Desination: 192.168.35.10
Action: 192.168.1.10
The OUT rule?
Source IP: 192.168.1.10
IP Desination: 10.10.10.10
Action: ?
Thank you.