How can the inbound destination NAT be used to hide the server’s real IP via a VPN tunnel?

Zyxel_CharlieZyxel_Charlie Moderator, Zyxel Offical Agent Posts: 996  mod
edited December 29, 2017 8:49AM in Installation

A customer requires that the server’s real IP is hidden when using site-to-site VPN. This can be done by using an inbound destination NAT to hide the server’s real IP when VPN is established.

The inbound DNAT works as a virtual server.

It can redirect the VPN traffic to the internal server.  


Steps:

VPN connections:



Policy route:


VERIFICATION:

Ping 10.35.21.210 (the remote site server IP) from the 192.168.2.0/24 subnet, and verify that it can reach the server.

Sign In to comment.