NAT before IPSec
csfoppa last edited by
I´m facing two problems with ipsec.
First: Because customer needs I have to create a many Phase 2 itens with /32 address. This settings are that, the phase with some host on my internal network doesn´t stay up for a long time.
Second: Due to a other customer needs (network overlapping) I have to NAT my Lan Network to another IP Range before connecting to customer network.
Ie. My lan is 192.168.1.0/24 but I have to come to my customer network as 192.168.119.104/29.
I had configured the NAT resource on phase 2 setting but if start de packet capture I got my 192.168.1.0/24 IP on the Log.
There is a way to fix this ? I don´t like to give up from pfsense but at moment I don´t any other option.