We need an IPSec tunnel with another company which is very strict and unwilling to change anything on their side.
They (site B) are expecting that traffic over the tunnel is coming from 172.21.105.0/24 and I sadly cannot change this. We don’t have any client machines on our site which have an IP in 172.21.105.0/24.
Our IPFire (site A) only has a green network 192.168.5.0/24 and red.
Can I implement it in any way on IPFire so that e.g. 192.168.5.10 gets NATted to 172.21.105.10 before being sent through the IPSec tunnel, without having an actual gateway or something?
My thought was making a BLUE VLAN (green NIC) with the subnet 172.21.105.0/24 so that this network is present on our side.
Is it even possible with IPFire to have a BLUE network as “local Subnet” in the IPSec configuration (site A)?
E.g. an IP from our green network (site A) sends a request to 10.2.44.100 (site B).
192.168.5.10 (green IP) is NATted to blue 172.21.105.10 (blue IP), which will be sent over the IPSec tunnel.
And when the response comes back it reaches 192.168.5.10 (green) over the local blue subnet.