IPSEC BINAT questions
-
Hi,
after establish a tunnel with one site doing a BINAT. I am able to ping 192.168.200.1 from pfsense 192.168.3.1.
In the states i see the NAT ip so it is working.LAN 192.168.3.0/24–(BINAT 192.168.123.0/24)--ipsec<->ipsec--LAN 192.168.200.0/24
pfsense 192.168.3.1 pfsense 192.168.200.1The other direction ping the Pfsense with BINAT ip (pfsense 192.168.123.1??) ist not possible.
Maybe i am wrong; should BINAT not working like that ? Or is some part missing ...regards max
-
In your IPsec firewall rules, make sure you are passing to a destination of the post-NAT IP, 192.168.3.x
-
In your IPsec firewall rules, make sure you are passing to a destination of the post-NAT IP, 192.168.3.x
Is there somewhere I can read in the docs on what order firewall rules and nat rules, etc. are applied/evaluated?
Thank you.