Hey,
There are 2 zones - internal and external.
Client and server are both in same internal subnet.
Client needs to access server with public IP address that is configured on vShield Edge.
External users can access server fine but when internal client tries to access server then DNAT changes only destination IP address. Packets get from client to server but source IP stays original IP and server sends SYN ACK back directly not through firewall.
Is it possible to do SNAT and DNAT at the same time for traffic so that clients' original source IP would be masked behind vShield IP?
↧
vShield U-turn NAT
↧