How can the inbound destination NAT be used to hide the server’s real IP via a VPN tunnel?
Zyxel_Charlie
Posts: 1,033 
Zyxel Employee
Zyxel Employee
A customer requires that the server’s real IP is hidden when using site-to-site VPN. This can be done by using an inbound destination NAT to hide the server’s real IP when VPN is established.
The inbound DNAT works as a virtual server.
It can redirect the VPN traffic to the internal server.
Steps:
VPN connections:
Policy route:
VERIFICATION:
Ping 10.35.21.210 (the remote site server IP) from the 192.168.2.0/24 subnet, and verify that it can reach the server.
1
Categories
- 5.6K All Categories
- 1.1K Nebula
- 13 Nebula Ideas
- 7 Nebula Status and Incidents
- 3.2K Security
- 172 Security Ideas
- 569 Switch
- 25 Switch Ideas
- 391 WirelessLAN
- 3 WLAN Ideas
- 4.1K Consumer Product
- 42 Service & License
- 178 New and Release
- 23 Security Advisories
- 442 FAQ
- 201 Nebula FAQ
- 97 Security FAQ
- 65 Switch FAQ
- 63 WirelessLAN FAQ
- Documents
- 20 Nebula Monthly Express
- 27 About Community
- 17 Security Highlight
