Turn Off NAT for OpenVPN

An Aviatrix OpenVPN® Gateway performs a NAT function for the user’s VPN traffic, effectively masking out the VPN client’s virtual IP address assigned by gateway from the VPN CIDR Block. This does not affect profile-based policy enforcement as the landing VPN gateway has the information of the virtual IP address before NAT is performed and enforces policies based on user identification.

If you do want to preserve the virtual IP address after the client packet leaves the gateway, you can do by enabling the PBR function.