Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT Source network for VPN

    Scheduled Pinned Locked Moved NAT
    5 Posts 4 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      gnh
      last edited by

      Hi,

      I have to setup a VPN with another company - our internal address ranges clash so they are asking me to NAT our source network to a specific single IP that they supply eg. 10.255.166.1 - is this possible with PFsense & if so how would I go about doing it ?

      Many thanks

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG Offline
        GruensFroeschli
        last edited by

        With OpenVPN this is possible.
        Not sure about IPSEC.

        You would assign the OpenVPN interface as an OPT.
        Then enable Advanced outbound NAT and enable NATing for the OpenVPN interface.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • G Offline
          gnh
          last edited by

          Unfortunatley I need to use IPsec

          1 Reply Last reply Reply Quote 0
          • T Offline
            thowes
            last edited by

            Did anyone find a solution to this? I have the same problem at one of my customers locations.
            They have LAN addresses which are already in use at the remote location. I would like to source NAT the IPSec connection to the firewall's WAN address or similar.

            1 Reply Last reply Reply Quote 0
            • jimpJ Offline
              jimp Rebel Alliance Developer Netgate
              last edited by

              There is no solution for IPsec right now. It's a limitation of the underlying software.

              There was a bounty open with a proposed solution but the funding was removed before any work could be completed, and it required some lower-level changes in C code in the software being used.

              Check the expired bounties forum for more details.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.