How can the inbound destination NAT be used to hide the server’s real IP via a VPN tunnel?
Options
Zyxel_Charlie
Posts: 1,034 
Zyxel Employee
Zyxel Employee
A customer requires that the server’s real IP is hidden when using site-to-site VPN. This can be done by using an inbound destination NAT to hide the server’s real IP when VPN is established.
The inbound DNAT works as a virtual server.
It can redirect the VPN traffic to the internal server.
Steps:
VPN connections:
Policy route:
VERIFICATION:
Ping 10.35.21.210 (the remote site server IP) from the 192.168.2.0/24 subnet, and verify that it can reach the server.
Tagged:
1
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 199 Nebula Ideas
- 124 Nebula Status and Incidents
- 6.3K Security
- 488 USG FLEX H Series
- 321 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 46 Wireless Ideas
- 6.8K Consumer Product
- 284 Service & License
- 456 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 93 Security Highlight