RED: 1:1 NAT Support for RED devices
two remote LANs with the same IP range/netmask cannot be connected to the same central ASG by using RED devices in the remote offices. ASG wouldn´t be able to route the traffic on the central ASG correctly.
All examples have in common (which is likely), that several of the "remote LAN's" will have the same IP ranges (e.g. surely 192.168.1.0/24 and 10.1.1.0/24 will be used often).
As the RED device bridges the LAN to the central ASG, there is no possibility to route the network traffic correctly on the central ASG.
So we need a SNAT/MASQ mechanism on the RED devices, so the RED devices can hide the remote LAN's IP's behind a static, centrally route-able IP.
in a large RED-VPN Projekt is the problem that multiple Branch Offices have the same Network (192.168.100.0/24) and it is not possible to change the network in these locations. What we need is a possibility to make a NAT network Mapping, so that all networks can be connected to one ASG and the traffic individual restricted.
samuel heinrich commented
We currently evaluating a solution for remote supporting 200-300 customers via RED Tunnels and we would need exactly this NETMAP feature to make this work. Is there any release date when this feature will be integrated?
Gert Hansen commented
We will NOT integrated SNAT and MASQ into RED devices as we want to make sure the functionality and logic inside RED stays as simple as it is today. The simpler it is, the less it fails. :)
But we are aware of these and similar use case and we already work on prototyping a feature called 'virtual networks for RED', which allows you to specify a Virtual network on the RED configuration inside the ASG and we will perform the Network Mapping NETMAP on the ASG. You will get a 1:1 mapping of RealIP and VirtualIP.
Benjamin Hodge commented
We need this now!!! Almost every application and project I and my partners want to use RED for needs this feature.