Nat through ipsec tunnel

  • basicaly, this post sums it up:,6489.msg37214.html

    but i need to know if it is possible now.

  • I think that could be done using twice the hardware … You will need two sets of pfSense to make it work ...

    LAN1 <-> pf1 <-> pf2 <-> Internet <-> pf2 <-> pf1 <-> LAN2

    The two pf2 establish the VPN and the two pf1 will be configured to route traffic into the VPN.

    Please note, that I haven't tested of tried that, this is only an idea to make this work, but there's no guarantee that it could work...

    If the problem is that the trafic get into the VPN before the NAT in FreeBSD, the idea is to force the NAT before the VPN using a different router.