cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
helpmejesse
New Contributor

VPN NAT translation local LAN setup

i'm not sure how to word this by i'll do my best

i am setting up a VPN to a vendor

the remote network is 192.168.45.0/24

my local network is  192.168.0.0/24

due to overlap they want me to NAT my local network to 192.168.56.0

how do i translate my side of the VPN 19.168.56.0 to 192.168.0.0?

do i need to create a VLAN to do this?

this is how it's done in pFsense. NAT with IPsec Phase 2 Networks - pfSense Documentation

Labels (1)
0 Kudos
1 Reply

Re: VPN NAT translation local LAN setup

In a distributed deployment of locations connected via a site-to-site VPN, a network administrator may need to have address translation performed on traffic traversing the site-to-site VPN. A 1:1 subnet translation can be used in cases where multiple locations have the same subnet present, but both need to participate in the site-to-site VPN. Alternatively, administrators may need to conserve IP space for large deployments. For this, 1:M NAT can be used to translate entire subnets into a single IP address that is exported across the site-to-site VPN.

If VPN subnet translation is configured, the translated subnet will automatically be advertised to all remote site-to-site VPN participants. In this example, in order for the web server at 172.16.30.8 to communicate with the example client, traffic must be sent to 10.15.30.44 (the equivalent IP offset within the translated subnet). When the web server's traffic is sent to 10.15.30.44 and received by it's local MX, it will be routed to the appropriate remote MX and the destination IP address will be translated back to 192.168.128.44 before it egresses the MX's LAN. The assistance of custom essay writing service helps students understand the basics of every custom written paper, as well as the elements of creative writing.