Double NAT with two USG FLEX devices

2»

All Replies

  • PeterUK
    PeterUK Posts: 3,459  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    But you want the traffic to go over the wifi to FLEX200?

  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary

    No, the FLEX 200H should act as main router. Only some clients should be also reachable via double NAT through FLEX200.

  • PeterUK
    PeterUK Posts: 3,459  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited September 2023

    The setup I gave is where you don't double NAT but if you need to do double NAT.

    NAT

    FLEX200

    incoming WAN

    external IP your WAN IP

    internal IP 10.70.70.1

    ports

    NAT

    FLEX200H

    incoming interface of 10.70.70.0

    external IP your 10.70.70.1

    internal IP 10.50.10.50

    ports

  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary

    It also does not work with second NAT rule on 200H :/ I can see the request via traffic-capture on USG shared vlan but not on the vlan where the server (10.70.70.1) is in

  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary

    Got it! Need "only" one NAT and one Policy Route with snat outgoing-interface at FLEX 200 on the right and a security policy on the left USG

Security Highlight