IPSEC VPN with SNAT in a little subnet

enzopa
enzopa Posts: 3
First Comment Friend Collector
in Security

HI,
I created a site-to-site IPSEC VPN with SNAT.
Everything works fine until I use an x.x.x.x/24 subnet, but when I try to use an x.x.x.x/27 the ping no longer works.
For the configuration I used this guide:
https://mysupport.zyxel.com/hc/en-us/articles/360003321659--ZyWALL-USG-How-to-configure-VPN-SNAT-on-Zyxel-gateways

But that refers to a /24 subnet.
Where am I wrong?

Best Answers

  • PeterUK
    PeterUK Posts: 3,481  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓

    I have a setup like this it make hard time working out problems.

    On Outbound Traffic source NAT you have source subnet the same size as SNAT? And changed Destination NAT?

  • enzopa
    enzopa Posts: 3
    First Comment Friend Collector
    Answer ✓

    Hi @PeterUK ,

    Thanks, you pointed me in the right direction.
    In the Destination NAT under Mapped iP I had selected the /24 subnet.
    it was enough to put /27 there and now everything works.
    Thanks again.

All Replies

  • PeterUK
    PeterUK Posts: 3,481  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓

    I have a setup like this it make hard time working out problems.

    On Outbound Traffic source NAT you have source subnet the same size as SNAT? And changed Destination NAT?

  • enzopa
    enzopa Posts: 3
    First Comment Friend Collector
    Answer ✓

    Hi @PeterUK ,

    Thanks, you pointed me in the right direction.
    In the Destination NAT under Mapped iP I had selected the /24 subnet.
    it was enough to put /27 there and now everything works.
    Thanks again.

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)