Hi,

BHconsultants88 · ‎12-01-2016

Hi guys, hopefully someone can help me out here.

We have a corporate network which is accessed by a remote site. Everything is working except access to a corporate mainframe system. Here's the setup of the remote site:

Corporate subnet (CS) - 10.28.99.1
Corporate gateway (CG) - 192.168.7.1
Main site gateway (MG) - 192.168.7.2
Mainframe server offsite (SO) - 172.20.13.15

CG 192.168.7.0 /24 nats to CS 10.28.99.0 /24 so it is able to route in the corporate world. In order for SO to work, it needs to NAT to 10.28.99.22 so it can access the corporate mainframe

There is a NAT rule on the MG that nats 172.20.13.15 to 192.168.7.22

I've added the following static route to CG so that the corporate network can reach the SO:
192.168.7.22 255.255.255.255 via MG

The SO must come back in to the corporate world on .22

Unfortunately, SO is still not working at the site. It says that it is unable to connect. Could someone give me an idea of what I'm doing wrong?

Diagram attached, assistance would be much appreciated

mattjones03 · ‎12-02-2016

Hi,

How are these sites connected?

MPLS, VPN etc

BHconsultants88 · ‎12-03-2016

Hi Matt

Thanks for replying. CG to CS is IPSEC VPN and the same applies at the other end with the SO

I'm pretty sure I need to put a static route somewhere but not sure where.

Any advice, much appreciated.

mattjones03 · ‎12-03-2016

Hi,

Thanks for the information.

Is the gateway at the SO site aware of the return routes back to 10.28.99.0/24 via the IPSec tunnel.

Are you able to share any configuration?

Routing or NAT issue - Help!?