i have a mk between L3 (gateway from internal network) and Firewall (watchguard).
Let say, my L3 Switch IP is: 10.10.3.1
and the internal network is : 10.10.1.0 and 10.10.2.0
My MK has 3 NIC : 10.10.3.3, 10.10.30.3 and 10.10.10.3 with a route below:
dst-address 10.10.1.0/24 GW 10.10.3.3
dst-address 10.10.2.0/24 GW 10.10.3.3
dst-address 10.10.3.0/24 PrefSrc 10.10.3.3
dst-address 10.10.10.0/24 PrefSrc 10.10.10.3
dst-address 10.10.30.0/24 PrefSrc 10.10.30.3
dst-address 202.158.66.0/23 GW 10.10.30.2*
dst-address 0.0.0.0/0 GW 10.10.10.2 **
then the Firewall has: 10.10.30.2, 10.10.10.2 and one IP Public 202.159.x.x and already configure route too and Dynamic NAT.
But i must enable NAT too on MK to access internet, which is i do not need enable NAT on the MK because the purpose of MK here just to make routing for divide the traffic from accessing internet. It mean the source IP will missing when it going outside from MK. Which is I need the source IP from internal network.
Anyone can solve this??
[/img]