I know this has been brought up in the past but haven't seen it mentioned in a few years so hoping there's been some development.
I have:
WAN1
WAN2
DMZ1 (VLAN public address)
DMZ2 (VLAN public address)
VLAN
VLAN
VLAN...
Can I translate an address from LAN to DMZ VLANs similar to how you could on an ASA?
Thanks!
Ryan
is the DMZ network a network directly connected to the MX?
it can be
In my experience, you can only NAT from outside to inside LAN and Site-to-site VPN Translation
https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX
https://documentation.meraki.com/MX/Site-to-site_VPN/Using_Site-to-site_VPN_Translation
Yeah that's all known. Need a way to get other subnets to NAT not on WAN interfaces.
With Meraki It's not possible. 😕
But, maybe you can request It to Meraki support:
https://community.meraki.com/t5/Security-SD-WAN/Source-NAT-for-VPN-traffic-Branch-office/m-p/60789
Any news here? I'am currently on a POC and it seems that this is the show-stopper for the Meraki solution.
I simply need a 1-to-many NAT from a LAN to a LAN or VLAN to VLAN.