Hi I need help with our IPSEC setup. We have an internal net 192.168.1.0/24. We have IPSEC to a customer on net 10.92.0.0/16. However, they already used the 192.168.1.0 net, so the IPSEC tunnel is to 10.84.230.0/28. I have set up 10.84.230.1 on the internal network interface (hme3), and added a manual route to 10.92.0.0/16 via 10.84.230.1. All works perfect on the firewall. On the internal net however, I can not reach the 10.92 net. I have tried to nat 192.168.1.0 via 10.84.230.1. NAT works, but the packets are thrown back out on hme3 with 10.84.230.1 as source address and to via enc0 as I want. How would one solve this?
TIA Johan Hedin CTO eCare AB [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]