Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


NAT translation for local network over global VPN

fischnetfischnet Newbie ✭
edited March 2022 in Mid Range Firewalls

Usually when we configure a VPN it is pretty basic for our users. If we have IP overlap we will translate the entire local network. For example if network is we translate it to and everything lines up and works without a hitch. We have a company that is out of India that is requiring a Global VPN and I need to set specific NAT policies for local IP addresses. My local addresses are and which need to be translated to and What is the easiest way to achieve this? Do I need to tie each specific IP to the Translated IP? If so How do I go about that and do I need to put them in a group to add to each VPN location?

Category: Mid Range Firewalls


  • Options

    Hello @fischnet,

    The NAT policy affects all GVC users. So, if you are trying to do this for a specific VPN user, I would suggest to bind the MAC address of the GVC adapter with an IP from the DHCP pool for GVC.

    Once that is done, you can create specific NAT policies that only affects that user:

    For Eg: GVC IP: So this is how the NAT policy should look.

    Original Source:

    Translated Source: Original

    Original Destination:

    Translated Destination:

    Original Service: Any

    Translated Service: Original

    Inbound interface: (WAN interface with which GVC connection would be made. Eg: X1)

    Outbound Interface: Any

    Create another such rule for and

    Please make sure to add and to the VPN access for that username too.

    If you would like to perform this for all GVC clients, you can change the original source to the entire GVC pool and have those addresses added to the VPN access for all GVC users or the user group if created.

    I hope that helps.


    Shipra Sahu

    Technical Support Advisor, Premier Services

This discussion has been closed.