How do I enable SNAT for Site2Site IPsec VPN in Nebula

Rix
Rix Posts: 21  Freshman Member
First Comment Friend Collector SurveyFeedback-2022-Nov First Anniversary
edited November 2022 in Nebula
This is USG Flex 200. I found instructions for stand-alone here,but cannot find how to do it in Nebula. It is a necessary feature for the environment.  https://mysupport.zyxel.com/hc/en-us/articles/360003321659--ZyWALL-USG-How-to-configure-VPN-SNAT-on-Zyxel-gateways

All Replies

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,396  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @Rix,
    If all USG FLEX devices are managed by nebula, nebula control center will assign different IP subnets for different sites. Hence, you don't need SNAT for site to site IPSec VPN because there is no IP subnet conflict issue. Do you need SNAT feature for Non-Nebula VPN peers?

    See how you've made an impact in Zyxel Community this year!
    https://bit.ly/Your2024Moments_Community

  • Rix
    Rix Posts: 21  Freshman Member
    First Comment Friend Collector SurveyFeedback-2022-Nov First Anniversary
    Yes. It is non Nebula. I talked to support, not available at this time. Have to factory default and set up in native mode.  Or I can change local subnet, or use Lan2 and 2nd Nic in server. 

Nebula Tips & Tricks