Can access the tunnel machine, but not the rest

[tesseract]

At our HQ I have a VPN Server. In the cloud I have a VPN bridge. The cloud VPN bridge uses the SoftEther NAT and it works to get me at least to the bridge machine. I am using Layer 3 IP routing at HQ.

The VPS has an IP of 192.168.200.7 and can access other machines in the VLAN at the cloud, i.e. .200.1, .200.2, etc. WHEN the SoftEtherNAT is NOT ENABLED. When I enable NAT I can access the machine from HQ but all the other machines disappear. I can not even access directly from the VPS itself.

From my HQ I can ping the VPS tunnel machine (200.7) and can even use MS RDP to control it! Awesome. But I cannot ping any of the other machines on the network like .200.1, .200.2 etc. All of these other machines have statically assigned IPs and we are in a VLAN on the cloud.

How come I can see and control the VPS bridge machine but no others even though I have the SoftEther NAT enabled? It seems that if I change the NAT address to be .200.88 then I can still control the bridge but it has to be on IP .200.88 even though the bridge has an ethernet ip of .200.7

[thisjun]

Did you use LocalBridge and SecureNAT at same time?　If so, it’s wrong way. Local bridge is enough.
And there is possibility that SecureNAT DHCP pollute your company DHCP.