How to disable NAT on Keenetic for WireGuard interface?

T

tictac172020-08-28 11:11:38

Computer networks

tictac17, 2020-08-28 11:11:38

Two offices are connected by VPN via WireGuard. The first mesh is 192.168.1.0/24, the second is 192.168.2.0/24. The bottom line is this - when you try to ping to a computer on a remote network, it turns out that packets come to it already from IP 172.16.82.1 (configured according to the manual on the manufacturer's website), and not from my computer's IP 192.168.1.58. Previously, they always went directly to IPSec, but now they seem to "pull" through the IP of the WireGuard peer. In other words, tracert now shows three addresses, the intermediate one shows the WireGuard gateway. Naturally, the remote computer does not let through packets from it, because it is a firewall, and there is no way to configure it yet. The first mesh in the firewall was once allowed. How to turn it off, who faced?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexey Dmitriev, 2020-08-28
@SignFinder

1. Google on request "disable keenetic NAT".
There you will find options for disabling on the interface for example.
2. Write to Zyxel technical support - it's good that they have Russian and adequate.

N

Nday001, 2020-09-02
@Nday001

Disable NAT in the tunnel. All outgoing packets will be from addresses from the local network
(config)> no ip nat Home
(config)> ip static Home ISP Where ISP is the Interface to the Internet, Home is the local network.
(config) > system configuration save