cancel
Showing results for 
Search instead for 
Did you mean: 

APM SSL VPN: SNAT based on destination IP

roracz1
Nimbostratus
Nimbostratus

Hi,

We've got SSL VPN up and running fine.

Now, we need to do SNAT on VPN connections only destined to specific networks, and cant figure out how to achieve that. Such functionality we can find in AFM but afair it is processed before APM.

Any ideas anyone?

 

 

1 REPLY 1

Hello @roracz1,

There is a way to intercept the traffic inside of the VPN tunnel when is established. To do so, you need to configure a new VS listening in any (0.0.0.0/0) or just some specific destinations where they are using the connection profile in the vlan allowed section.

Never tried before, but you should try to modify the SNAT in those new VS (that are listening in different destinations).

Anyway, let me know if it's helpful.

 

Regards,
Dario.