diff --git a/testing/tests/ikev2/net2net-same-nets/description.txt b/testing/tests/ikev2/net2net-same-nets/description.txt
index 5560161889..d0eb3374fb 100644
--- a/testing/tests/ikev2/net2net-same-nets/description.txt
+++ b/testing/tests/ikev2/net2net-same-nets/description.txt
@@ -12,4 +12,4 @@ connection definition of ipsec.conf both on the inbound and outbound traf
 the necessary NETMAP operations and forward the tunneled traffic.

In order to test both tunnel and firewall, client alice behind gateway moon
-pings client bob located behind gateway sun.
+pings client bob located behind gateway sun and vice versa.
diff --git a/testing/tests/ikev2/net2net-same-nets/evaltest.dat b/testing/tests/ikev2/net2net-same-nets/evaltest.dat
index aaf096de33..bf99bb2783 100644
--- a/testing/tests/ikev2/net2net-same-nets/evaltest.dat
+++ b/testing/tests/ikev2/net2net-same-nets/evaltest.dat
@@ -1,7 +1,10 @@
 moon::ipsec statusall::net-net.*ESTABLISHED::YES
 sun::ipsec statusall::net-net.*ESTABLISHED::YES
 alice::ping -c 1 10.6.0.10::64 bytes from 10.6.0.10: icmp_seq=1::YES
+bob::ping -c 1 10.9.0.10::64 bytes from 10.9.0.10: icmp_seq=1::YES
 sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
 sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
 bob::tcpdump::IP 10.9.0.10 > bob.strongswan.org: ICMP echo request::YES
-bob::tcpdump::IP bob.strongswan.org > 10.9.0.10: ICMP echo reply::YES
+bob::tcpdump::IP bob.strongswan.org > 10.9.0.10: ICMP echo reply::YES
+bob::tcpdump::IP bob.strongswan.org > 10.9.0.10: ICMP echo request::YES
+bob::tcpdump::IP 10.9.0.10 > bob.strongswan.org: ICMP echo reply::YES
diff --git a/testing/tests/ikev2/net2net-same-nets/hosts/sun/etc/mark_updown b/testing/tests/ikev2/net2net-same-nets/hosts/sun/etc/mark_updown
index 599389643f..d7b68956cb 100755
--- a/testing/tests/ikev2/net2net-same-nets/hosts/sun/etc/mark_updown
+++ b/testing/tests/ikev2/net2net-same-nets/hosts/sun/etc/mark_updown
@@ -147,8 +147,8 @@ custom:*) # custom parameters (see above CAUTION comment)
 esac
 # define NETMAP
-SAME_NET="10.0.0.0/14"
-IN_NET="10.4.0.0/14"
+SAME_NET=$PLUTO_PEER_CLIENT
+IN_NET=$PLUTO_MY_CLIENT
 OUT_NET="10.8.0.0/14"
 # define internal interface
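Review bot: The assertions added to evaltest.dat observe the reverse ping only on bob, so the source rewrite done by the new POSTROUTING NETMAP rule on sun is never checked directly. The two `sun::tcpdump` ESP patterns are unchanged and would already match the packets produced by alice's ping, so they do not show that bob-initiated traffic went through the tunnel. An alice-side capture check would close that gap, for example `alice::tcpdump::IP 10.6.0.10 > alice.strongswan.org: ICMP echo request::YES`. That line is constructed: it presumes bob appears as 10.6.0.10 on alice's side and that tcpdump is started on alice in the pretest file, which is not visible here.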
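Review bot: `SAME_NET` and `IN_NET` are now taken from `$PLUTO_PEER_CLIENT` and `$PLUTO_MY_CLIENT` without any check, while `OUT_NET` stays hard-coded as `10.8.0.0/14`. Both values are expanded unquoted in the NETMAP rules of the `up-client:` hunk (`--to $SAME_NET`, `-s $SAME_NET`, `--to $IN_NET`), so an empty variable makes iptables fail on a missing argument. A negotiated subnet whose prefix length is not /14 would also no longer line up with `OUT_NET`. A guard right after the assignments, e.g. `[ -n "$SAME_NET" ] && [ -n "$IN_NET" ] || exit 1`, plus quoting the expansions, would make the failure explicit, and a short comment that both are expected to be /14 networks would help. The rest of the script is outside the hunk, so an existing check elsewhere cannot be ruled out.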
@@ -193,7 +193,11 @@ up-client:)
 if [ -n "$PLUTO_MARK_OUT" ]
 then
 iptables -t mangle -A PREROUTING $SET_MARK_OUT
+ iptables -t nat -A PREROUTING -i $INT_INTERFACE -m mark --mark $PLUTO_MARK_OUT \
+ -d $OUT_NET -j NETMAP --to $SAME_NET
 iptables -I FORWARD 1 -o $PLUTO_INTERFACE -m mark --mark $PLUTO_MARK_OUT -j ACCEPT
+ iptables -t nat -A POSTROUTING -o $PLUTO_INTERFACE -m mark --mark $PLUTO_MARK_OUT \
+ -s $SAME_NET -j NETMAP --to $IN_NET
 fi
 ;;
 down-client:)
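Review bot: The two `iptables -t nat -A ... -j NETMAP` rules added under `up-client:` have no visible counterpart in `down-client:`; the diff shown ends at the `down-client:)` context line and contains no `-D` lines. If the teardown branch is not updated as well, every re-establishment of the tunnel appends another pair of NETMAP rules, and stale address translations stay active on sun after the SA is gone. The fix would be the same two commands in the `PLUTO_MARK_OUT` block of `down-client:` with `-A` replaced by `-D`. The `up-client:` case starts before this hunk and the `down-client:` body lies after it, so this needs checking against the full file.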