Author Topic: Mip and Destination NAT in the same rule  (Read 2366 times)

fisk4

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Mip and Destination NAT in the same rule
« on: June 13, 2013, 09:32:51 am »
Hello
I have a route based VPN that i have a bit of a messy request for.
The servers on my side will both have to be source translated (i guess by mip) and i also need to make a destination translation.
Se my example, Server A (for example 192.168.0.1) is the server on my site, i translate that to 192.168.1.1) and it connects to NAT address (10.0.0.1) is the address the server are connected to, and server B (212.212.212.212) is the server it acctuly connect to.

192.168.0.1 (192.168.1.1) -> 10.0.0.1-> 212.212.212.212

So server A thinks its connecting to 10.0.0.1 but in reallity it connects to 212.212.212 and 212.212.212.212 see it as the source 192.168.1.1.


I cant get both MIP and Destination nat to work. It just do the destination NAT and not the mip stuff.

Any idea of how to accomplish this?


screenie.

  • Global Moderator
  • Atomic Playboy
  • *****
  • Posts: 1315
  • Karma: +1/-0
    • View Profile
Re: Mip and Destination NAT in the same rule
« Reply #1 on: June 15, 2013, 09:56:33 am »
So wouldn't a mip from 192.168.1.1 to 192.168.0.1 on on sideand a MIP from 10.0.0.1 to 212.212.212.212 on the other side of the vpn work?
Regards, Screenie
------------------------
JNSS, JNCIA, JNCIS, JNCIP, JNCI

fisk4

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: Mip and Destination NAT in the same rule
« Reply #2 on: June 16, 2013, 02:58:43 pm »
I dont "control" the other side of the VPN its a other partner/client. Im migrating all the VPN:s from a other vendor to a netscreen cluster. In the old enviorment this (weird) setup with both source and destionation NAT is working, so i would prefer to solve it without have to involve the other client/partner so much.

fisk4

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: Mip and Destination NAT in the same rule
« Reply #3 on: July 18, 2013, 09:01:59 am »
any one? :)