"
Wow, thank you so much. I totally missed this while setting up the new tunnel.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Virtual private networks / Re: IPsec tunnel with SNAT not working, traffic is sent over WAN instead
October 28, 2025, 11:08:39 AM #2
Virtual private networks / SOLVED - IPsec tunnel with SNAT not working, traffic is sent over WAN instead
October 28, 2025, 10:07:22 AM
Hey all,
I have a weird problem with a IPsec VPN tunnel which I can't wrap my head around...
The following setup works in another tunnel:
Since our internal network could not be used (address conflicts on the remote network) we use SNAT to use a single IP address as "our" network in the VPN tunnel. The remote Network in the tunnel is a private class C network. Everything here is working as expected, traffic flows over IPsec and everything is reachable.
The setup that is not working is basically the same, the only difference is that the remote networks in the IPsec tunnel are a couple of single hosts (192.168.10.x/32 for example), each of them having a seperate SNAT rule. The tunnel is connected fine in phase 1&2. When I try to reach one of the host via the tunnel, the traffic is not sent over IPsec, but over WAN instead.
I've checked everything I could think of, but I can't get the traffic to go over IPsec...
Anyone have any ideas?
I have a weird problem with a IPsec VPN tunnel which I can't wrap my head around...
The following setup works in another tunnel:
Since our internal network could not be used (address conflicts on the remote network) we use SNAT to use a single IP address as "our" network in the VPN tunnel. The remote Network in the tunnel is a private class C network. Everything here is working as expected, traffic flows over IPsec and everything is reachable.
The setup that is not working is basically the same, the only difference is that the remote networks in the IPsec tunnel are a couple of single hosts (192.168.10.x/32 for example), each of them having a seperate SNAT rule. The tunnel is connected fine in phase 1&2. When I try to reach one of the host via the tunnel, the traffic is not sent over IPsec, but over WAN instead.
I've checked everything I could think of, but I can't get the traffic to go over IPsec...
Anyone have any ideas?
Pages1
