Disable NAT for particular routes
Posted: Thu Apr 18, 2024 10:59 am
Hi Community
I’m trying to build a network shown on the diagram.
The issue is that I cannot to install SofthEtherVPN Bridge in Datacenter and Office, I have only IKEv2/IPSEC tunnels there.
What I managed:
- Users are connected to SoftEther and have access to Internet via WAN
- IPSEC tunnels are working
- IP routing from SoftEther to Datacenter and Office are working
What is the problem:
SoftEther does NAT on all IP packets, even on those that routed to IPsec tunnels and I see source IP in these packets in Datacenter and Office as 123.123.123.123, that does them a bit useless since I cannot identify users and “the traffic from VPN users” in general
I tried all modes in advanced options: Kernel mode, Raw IP mode, User mode. It doesn’t help.
Question:
Is it possible that SoftEther doesn’t do SNAT on packets to IPSec tunnels and keeps source IP addresses from DHCP pool of SecureNAT?
I’m trying to build a network shown on the diagram.
The issue is that I cannot to install SofthEtherVPN Bridge in Datacenter and Office, I have only IKEv2/IPSEC tunnels there.
What I managed:
- Users are connected to SoftEther and have access to Internet via WAN
- IPSEC tunnels are working
- IP routing from SoftEther to Datacenter and Office are working
What is the problem:
SoftEther does NAT on all IP packets, even on those that routed to IPsec tunnels and I see source IP in these packets in Datacenter and Office as 123.123.123.123, that does them a bit useless since I cannot identify users and “the traffic from VPN users” in general
I tried all modes in advanced options: Kernel mode, Raw IP mode, User mode. It doesn’t help.
Question:
Is it possible that SoftEther doesn’t do SNAT on packets to IPSec tunnels and keeps source IP addresses from DHCP pool of SecureNAT?