How can the inbound destination NAT be used to hide the server’s real IP via a VPN tunnel?
Zyxel_Charlie
Posts: 1,034 
Zyxel Employee
Zyxel Employee
A customer requires that the server’s real IP is hidden when using site-to-site VPN. This can be done by using an inbound destination NAT to hide the server’s real IP when VPN is established.
The inbound DNAT works as a virtual server.
It can redirect the VPN traffic to the internal server.
Steps:
VPN connections:
Policy route:
VERIFICATION:
Ping 10.35.21.210 (the remote site server IP) from the 192.168.2.0/24 subnet, and verify that it can reach the server.
Tagged:
1
Categories
- 6.9K All Categories
- 2 Education Center
- 1.4K Nebula
- 34 Nebula Ideas
- 40 Nebula Status and Incidents
- 3.9K Security
- 203 Security Ideas
- 748 Switch
- 31 Switch Ideas
- 627 WirelessLAN
- 9 WLAN Ideas
- 4.6K Consumer Product
- 104 Service & License
- 223 News and Release
- 39 Security Advisories
- 520 FAQ
- 238 Nebula FAQ
- 120 Security FAQ
- 73 Switch FAQ
- 67 WirelessLAN FAQ
- 6 Consumer Product FAQ
- Documents
- 30 Nebula Monthly Express
- 44 About Community
- 31 Security Highlight