Greetings we have recently deployed an MPLS network for one of our customers, all internet traffic is routed out via a firewall managed by ourselves at the HQ location.
All remote sites have mpls addresses assigned in the 172.18.255.0/30 range, all internal lan facing subnets have allocations in the 10.130.0.0 /16 range.
At present if i form a remote access ipsec vpn connection with the firewall i can gain access to each router on its lan facing interface but cant get access to its mpls facing interface on the 172.18.255.0/30 range. This still applies if i add the 172.18.255.0/30 network to the split tunnel acl. I can ping devices on the 172.18.255.0/30 network from the firewall.
For remote access vpn connections is it possible to put NAT statements on the firewall on an inbound direction to say translate the outside address of the remote site from 172.18.255.x to 10.130.x.x?
Any help would be much appreciated.