Per the simplified diagram below, I have a FusionHub instance deployed in Azure, a Balance 210, and a Juniper SSG20. I have established a PEPVPN between the 210 and the FusionHub (star via incontrol), with all traffic from the 210 going thru the FH. I also have an IPSEC VPN established between the FH and the SSG20. Both VPNs are up and passing traffic from the endpoints to the FH. I can ping from the 210 LAN network to the SSG 20 LAN network, but not in the opposite direction. It appears the FusionHub is NATing between the PEPVPN and the IPSEC VPN. On the SSG20, the source of the successful pings is showing as 10.10.10.4, not 192.168.100.x as I would expect. Is there a way to stop the NATing?
Also, what is the best way to configure routes on the Peplinks so the 210 LAN network can reach the MPLS cloud via the SSG20?
Thank you.