What's the difference between Route and NAT mode VPN?
When configuring the LAN to LAN VPN profile, you may notice there are options can be chose: From first subnet to remote network, you have to do Route/NAT.
The major difference between these two modes is in Route mode, both sites' clients can reach to each other; in NAT mode, only clients on Dial-Out sites can reach the entire networks, but the clients on Dial-In site can only access the local network, not able to access the network of Dial-Out site.
To connect two subnets and let the clients can reach to each other's network; or, if you are establishing VPN between two Vigor Routers by LAN to LAN VPN, you will need to choose Route mode.
In this case, PC_A can access PC_B and set the Dial-in router as remote gateway to access internet; PC_B can access PC_A as well.
NAT mode is used when you want to only access the remote network, or you want to use remote network as your internet gateway, but do not want to let the remote clients access your network. This is also for you to connect to the thirty party remote dial-in VPN service on Vigor router.
In this scenario, PC_A can access PC_B and can set the Dial-in Router as the remote gateway to access internet; but PC_B is not able to access PC_A.