Reply To: VPN LAN-to-LAN and IP Masquerading

Forums Network Management ZeroShell VPN LAN-to-LAN and IP Masquerading Reply To: VPN LAN-to-LAN and IP Masquerading

February 13, 2015 at 12:20 pm #53717
redfive
Participant

On both sites, unless you need some kind of ‘hairpin nat’, remove from nat your internal interface (ETH00), inSiteA the 2nd entry visible in postrouting

9167  821K MASQUERADE  all  --  *      ETH00   0.0.0.0/0            0.0.0.0/0

2nd entry in SiteB as well

3514K  235M MASQUERADE  all  --  *      ETH00   0.0.0.0/0            0.0.0.0/0

These entries translate the source ip addresses of outgoing packets with the ip addresses of these interfaces.
Also, if you need that your link be Layer 3 transparent, remove also, in SiteA, from NAT enabled interfaces, the VPN00.
Regards