Moving VLAN to new hosted environment. Cannot passthrough Traffic

Jay Sains
Level 1

We run 3 VLANs for current business systems. We have multiple locations across 3 time zones.

We need to move VLAN1 to a new private cloud provided by a 3rd-party firewall. VLANs 2 and 3 are remaining in place. We have full IP connectivity between VLAN2, VLAN3, and the new VLAN1. The new VLAN1 has been turned up. We can reach those servers without issue from VLANs 2 and 3.

At issue is providing passthrough access from our software partner to the new VLAN1 in the private cloud. This is essential. Currently, their NATted tunnel lands on the CURRENT VLAN1. We can land their tunnel on VLAN2 or VLAN3. I don't know how to pass through their NAT. We cannot provide the software partner direct access to the new private cloud. We need to be able to control the connection between the software partner and our new private cloud due to security and other issues. I can NAT the NEW VLAN1 servers to IP addresses in VLAN2 and VLAN3, but cannot reach them from outside our network.

The software partner can reach hardware devices, but not those placed in any VLAN virtually via NAT.

[Attachment: Network Diagram JPG.png]

What am I missing? Note: we will be moving to Cisco FIREPOWER after this move.

