I am trying to set up a site to site IPSec VPN in Mikrotik, which I already know how to do. However, the team on the remote side of the tunnel (let’s call this Tunnel B) does not allow 10.x.x.x addresses from customers (as luck would have it, my local subnet is a 10.x.x.x subnet), so they are asking me to NAT the address through the VPN tunnel to make it appear as something else on their side. They don’t care if its a public or private IP address, as long as its not 10.x.x.x.
- I am not sure how to do this. Some sort of masquerade rule in NAT (?).
- I already have a separate VPN tunnel that my local 10.x.x.x subnet uses (we’ll call Tunnel A), going to a completely different remote site. One concern I have regarding NATting on Tunnel B will affect Tunnel A.
Can anyone help? Thank you.