I want to know if it’s possible to configure source NAT over VPN in a Site to Site?
I need to NAT a network that already exists in my destination.
You need to use custom firewall rules and create a Netmap.
iptables -t nat -I PREROUTING -i ipsec_VPN -d 10.255.127.0/24 -j NETMAP --to 192.168.0.0/24
iptables -t nat -I POSTROUTING -o ipsec_VPN -s 192.168.0.0/24 -j NETMAP --to 10.255.127.0/24
In the above example, 10.255.127.0/24 is my logical local VPN subnet and 192.168.0.0/24 is my physical Ethernet subnet. ipsec_VPN needs to be ipsec_ and the name of the tunnel you have created. There was a bug where IPsec tunnel names couldn’t be more than 8 characters, so keep it simple.
Nicholas Wilson
Your IoT
https://www.YourIoT.com.au
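The rule pair from the answer above, as an added example that is not the poster's own code: a POSIX shell script that prints both NETMAP rules for a given tunnel and shows which address a host ends up with after translation. The function names, the 8-character check (taken from the bug the answer mentions) and the equal-prefix check are assumptions of this example; it only prints the commands and does not touch the firewall.

```shell
#!/bin/sh
# Added example: print the NETMAP rule pair and preview the 1:1 translation.

ip_to_int() {            # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {            # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# NETMAP keeps the host bits of ADDR and swaps in the network bits of NET/PREFIX.
netmap_translate() {     # usage: netmap_translate ADDR NET/PREFIX
    addr=$1; net=${2%/*}; prefix=${2#*/}
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    a=$(ip_to_int "$addr"); n=$(ip_to_int "$net")
    int_to_ip $(( (n & mask) | (a & ~mask & 4294967295) ))
}

netmap_rules() {         # usage: netmap_rules TUNNEL LOGICAL/PFX PHYSICAL/PFX
    tunnel=$1; logical=$2; physical=$3
    # Assumption from the answer: tunnel names over 8 characters hit a bug.
    if [ "${#tunnel}" -gt 8 ]; then
        echo "tunnel name '$tunnel' is longer than 8 characters" >&2; return 1
    fi
    # Assumption: both subnets use the same prefix so the mapping is one-to-one.
    if [ "${logical#*/}" != "${physical#*/}" ]; then
        echo "prefix lengths differ: $logical vs $physical" >&2; return 1
    fi
    # Inbound: traffic for the logical subnet is rewritten to the physical one.
    echo "iptables -t nat -I PREROUTING -i ipsec_$tunnel -d $logical -j NETMAP --to $physical"
    # Outbound: traffic from the physical subnet leaves with logical addresses.
    echo "iptables -t nat -I POSTROUTING -o ipsec_$tunnel -s $physical -j NETMAP --to $logical"
}

# Values from the answer; the host address .57 is a constructed sample.
netmap_rules VPN 10.255.127.0/24 192.168.0.0/24
echo "192.168.0.57 appears on the tunnel as $(netmap_translate 192.168.0.57 10.255.127.0/24)"
```

Review the printed commands before adding them as custom firewall rules.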