NAT before IPSec



  • Hello,

    I´m facing two problems with ipsec.

    First: Because customer needs I have to create a many Phase 2 itens with /32 address. This settings are that, the phase with some host on my internal network doesn´t stay up for a long time.

    Second: Due to a other customer needs (network overlapping) I have to NAT my Lan Network to another IP Range before connecting to customer network.

    Ie. My lan is 192.168.1.0/24 but I have to come to my customer network as 192.168.119.104/29.

    I had configured the NAT resource on phase 2 setting but if start de packet capture I got my 192.168.1.0/24 IP on the Log.

    There is a way to fix this ? I don´t like to give up from pfsense but at moment I don´t any other option.


Log in to reply