Wednesday, December 19, 2018

Azure site-to-site VPN and NAT

Hey guys, need some advice, hope I'm not posting the wrong stuff.

We need to establish a site-to-site VPN with one of our clients to one of our office locations.
Since we already have existing VPN tunnels set up to our Azure network, it would be easier to route traffic through that and reduce the number of VPNs required.

Unfortunately, our address spaces conflict (they use 10.0.0.0/8) and thus require us to source NAT to an IP on that network, but I can't find any details of Azure supporting NAT on the virtual network gateway.

If Azure NAT is not possible, and we'd like to avoid setting up a networking appliance on Azure, what would be the best way to tackle this? I'm thinking NAT on-premises, and route through Azure.

example address spaces:

on-prem: 10.2.0.0/16, 10.1.0.0/16 (we have Cisco 892 series ISR)

azure: 10.5.0.0/16

client: 10.0.0.0/8 (only required to reach address in the 10.4.0.0/16 range)

provided source IP: 10.12.0.1


