I have a WatchGuard Firebox x700. I have a policy that allows an outside client, which just happens to be our hosted web server, and it needs to access a PC on the 192.168.1.0/24 network for SQL. The Firebox also has a VPN tunnel to our other office in South Carolina. It's on a secondary network of 192.168.3.0/24. The same outside client (web server) also needs to access a PC on the .3 network.
As a remote user, I can VPN into the Firebox and access all the PCs on the .1 network but can't access the .3 network. I have to use a separate VPN connection to the Firebox and leave "use default gateway" checked to access the .3 network. Of course, all my internet connections aren't available as long as that VPN connection is up.
I have a policy on the Firebox that NATs the web server directly to the .1 PC for SQL access and this works fine. I'm having a rough time trying to get to the .3 network. I have several public IPs available to use for the NAT just like I do for the .1 network.
How can I create a policy to NAT public IP xxx.xxx.xxx.97->192.168.3.