How to setup Natting on VPN tunnel with Watchguard fireware 9.0

Posted on 2007-10-03
Last Modified: 2013-11-16
How to setup Natting on VPN tunnel with Watchguard fireware 9.0.  I have an 1250e wg appliance that I am setting up a branch VPN connection to a cisco vpn concentrator.  The branch office is on the same subnet so I would like to setup a nat statement on the firebox that nats my 192.168.1.x traffic to 192.168.32.x through the tunnel.

Any ideas how to do that on this device.

Question by:mkurtzhals
    1 Comment
    LVL 32

    Accepted Solution

    To create 1-1 NAT over IPSec VPN tunnel; in Policy Manager go to VPN->Branch Office Tunnels; click Add if not already added; specify name and gateway [create one if not already added].
    Under Addresses tab; if no address defined, click Add; under local specify 192.168.1.x/y [where y is the relevant subnet mask and x being the subnet; for eg.,]; under Remote specify 192.168.1.x/y;
    leave direction as : Local <===> Remote
    Check 1:1 NAT checkbox under NAT Settings; specify 192.168.32.x/y; click OK all the way back.

    Please note 1-1 NAT would be 1-1 IP mapping between 192.168.1.x till x+n to 192.168.32.x till x+n; you cannot have all the traffic in 192.168.1.x subnet to be natted to one single IP 192.168.32.a

    The remote site would see the traffic originating from 192.168.32.x subnet.

    Please implement and update.

    Thank you.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    Suggested Solutions

    Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now