Hi guys,
Having an issue with NAT where we need to route all traffic coming across the VPN (from a /24 source range) to the LAN IP address of the RUT to allow connectivity to devices on the VPN.
Currently, the RUT is NOT the default gateway for the site (it will be eventually); thus, any return traffic to the VPN subnet is getting dropped (by the default gateway). Hence, we'd like to NAT all VPN traffic to the LAN IP of the RUT temporarily (providing connectivity) until we can swap out the existing default gateway.
In version 6, we could simply set a SNAT policy for anything on the VPN zone from the source subnet and NAT it to the interface IP on the RUT, but with v7 firmware there is no VPN zone and we're unable to create a SNAT entry (as it prompts for the destination ports, which need to remain unchanged).
I've been trying to get an iptables custom rule working under v7 to emulate the SNAT functionality we had in v6, but have been unable to get this working at this stage.
Any assistance is appreciated! Thanks!
-JT