<![CDATA[1:1 NAT to ipsec host (BINAT)]]>Hi Guys,

I´ve got some problems to understand the 1:1 NAT.

My Box is doing some ipsec to a other Company who´s hosting our services.
We´re connected through ipsec with NAT+BINAT (Partner expects traffic from 10.217.22.x/24).
IPSec is working fine. But now I need to do a 1:1 NAT on a host from the external ipsec Net.

The Hosts IP is: 10.218.8.20/24
I can Ping it and connect to the Services from out Network.

So I created a 1:1 rule:
Interface | Externap IP | Internal IP | Dest IP
WAN | EXT_IP | 10.218.8.20 | *

Rule for this:

TCP | * | * |10.218.8.20 | * | * |None | |

But somehow this does not work. Does someone has a Hint?

Greets and Thanks!

]]>https://forum.netgate.com/topic/107638/1-1-nat-to-ipsec-host-binatRSS for NodeThu, 18 Jun 2026 07:11:22 GMTTue, 08 Nov 2016 10:13:24 GMT60