NAT from local network to Site-To-Site tunnel?

LarrY_FIN Posts: 5  Freshman Member

Hi! I have a scenario where a 3rd party has a public and an internal IP address for an FQDN. We have a site-to-site tunnel between our and their local networks. Is there a correct way to do NAT for cases when a computer in our local network incorrectly resolves the FQDN to the 3rd party's public IP instead of the local IP where we want to go? We would want that, when it happens, our firewall would redirect that traffic to the 3rd party's internal IP address, which is behind the site-to-site tunnel.

All Replies

  • PeterUK Posts: 3,693  Guru Member

    You can put in a DNS entry to go to the local IP if DNS is to the Zywall.

  • LarrY_FIN Posts: 5  Freshman Member

    Hi!

    Thank you for the reply!

    We have set the DNS to resolve to the local address, but I would like to know if it is possible to do NAT so that if some computer still resolves wrongly for some reason, the firewall would still route to the correct location.

  • Zyxel_Melen Posts: 3,085  Zyxel Employee

    Hi @LarrY_FIN,

    USG FLEX/ATP and USG FLEX H series support setting NAT rules for Site-to-site VPN.

    USG FLEX/ATP:

    USG FLEX H:

    Zyxel Melen