Vigor Router supports applying NAT to traffic in a LAN-to-LAN IPsec VPN, so that the remote network will only see traffic from a single IP address. This is necessary when the VPN server use one network for creating IPsec connection, but the firewall policy allow a different IP address to access their local network. Like the illustrated below.
This article will show how to configure Vigor2960/3900 for meeting this purpose.
1. Go to VPN and Remote Access >> VPN Profiles >> IPsec page, click Add to create an IPsec LAN to LAN profile.
2. Go to Advanced tab, select Enable for Apply NAT Policy.Translated Local Network option will be visible after enabling Apply NAT Policy.
After the above configuration, Vigor2960 will translate the source IP to 172.16.2.129 while the LAN clients want to access remote VPN network 192.168.188.0/24.
Published On: Dec 05, 2017
Was this helpful?
Thank you for your feedback :)
Sorry about that. Contact Support if you need further assistance, or leave us some comments below to help us improve.