NAT before IPSec

  • Hello,

    I'm facing two problems with IPsec.

    First: Because of customer needs, I have to create many Phase 2 items with /32 addresses. With these settings, the phase with some host on my internal network doesn't stay up for a long time.

    Second: Due to another customer's needs (network overlapping), I have to NAT my LAN network to another IP range before connecting to the customer network.

    I.e., my LAN is but I have to come to my customer network as

    I had configured the NAT resource in the Phase 2 settings, but if I start the packet capture I get my IP in the log.

    Is there a way to fix this? I don't like to give up on pfSense, but at the moment I don't have any other option.

