<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
</style>
</head>
<body class='hmmessage'>
<RTE_TEXT>Hi Freinds,<BR>
<BR>
I have configured Site-to-Site Ipsec VPN where I have used Openswan at my end and Checkpoint FW1 at other end.<BR>
<BR>
I The setup is as described below.<BR>
<BR>
Right side- Myside-A <BR>
<BR>
Eth0 - internal interface (192.168.30.0/24)<BR>
Eth1- external interface (A,B,C,D)<BR>
<BR>
Left side - Remote-B.<BR>
<BR>
Eth0 - internal interface (10.95.0.0/11)<BR>
Eth1 - external interface (W,X,Y,Z)<BR>
<BR>
Now after istablishing the tunnel, Remote-B wants Myside-A should NAT traffic to 172.20.1.1 (as per RFC 1918) rather than ETH1 (A,B,C,D)<BR>
This is to make my VPN secured by hiding my Real IP. Hence whatever request will go from my network will go as 172.20.1.1 IP.<BR>
<BR>
I tried doing SNAT but still my requests are reaching through Eth0 to the destination network.<BR>
<BR>
Can you please help and tell me whether I am doing right thing or not. If not then what should be the setup.<BR>
<BR>
Thanks in advance<BR>
<BR>
Regards,<BR>
<BR>
Prashant M<BR>
<BR>
<BR>
</RTE_TEXT><BR><br /><hr />Get a view of the world through MSN Video. Some things just cannot be left unseen. <a href='http://video.msn.com/?mkt=en-in' target='_new'>Try it!</a></body>
</html>