Same Network "IP Adresses" on user side and company side - mobile IKEv2 VPN

if the mobile ikev2 user have the same Network as his company. With our old Firewall vendor we created a "NETMAP". Its a virtual network wich masqurades the home network of the user.

Does 1-to-1 Nat in watchguard do the same? and is it avaiable for mobile ikev2 connection?

how do you solve this Problem?

Thank you so much


  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Shady

    The 1-to-1 NAT feature can potentially fix this, but needs to be done on the client side -- both the built in Windows and Mac IKEv2 clients don't do this. The IKEv1 WatchGuard Mobile VPN client can do this, but that's using IPSec/IKEv1, not IKEv2.

    -Not using very common subnets (like 192.168.0.x, 192.168.1.x, 192.168.100.x) are generally the best way to keep this from happening.

    -If the customer's network is simple (as in everything is DHCP,) having them change the subnet on their home router is likely the best way to work around this issue. Most home routers have a setting to change this.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.