I have a network with 2 sites joined by a VPN, Site 1 and Site 2. The Site 1 LAN network is 10.0.2.0/24 and the Site 2 LAN is 192.168.168.1. I need to route traffic from the Site 1 LAN to Site 2's ISP. Site 1 is a SonicWall 210 and Site 2 is an Adtran 3120.
I can ping each LAN through the VPN, no problems there. I have a rule in the Public security zone at Site 2 to NAT with overload traffic with source 10.0.2.0/24 destination any. When I ping 18.104.22.168 from Site 1 I can see traffic route to Site 2 and come in the Public policy.
However, I do not see anything in the Private policy NATting these packets to the ISP at Site 2. I have copied the sanitized config below:
Any help is greatly appreciated!
crypto ike policy 100
 local-id address 73.x.x.x
 nat-traversal v1 disable
 nat-traversal v2 force
crypto ike remote-id address 64.x.x.x preshared-key "PSK" ike-policy 100 crypto map VPN 10 no-mode-config nat-t v2 force
ip crypto ipsec transform-set esp-aes-256-cbc-esp-sha-hmac esp-aes-256-cbc esp-sha-hmac