IPSec tunnel with NAT



  • Hello all,

    I have a customer request for the scenario below:

    Site1 - pfSense with 3 NICs
    LAN, WAN and MGMT
    LAN subnet: 10.101.60.0/24

    Site2 - Cisco ASA
    LAN subnet: 10.23.88.0/22

    So the request comes from the network engineer in site2. Because he uses the LAN 10.101.60.0/24 somewhere, he gave me a private IP to enter in pfSense and use as the interesting traffic, and to NAT ports from this IP to the LAN subnet behind pfSense. So in pfSense I have his network 10.23.88.0/22 as the remote network, and in site 2 he enters the /32 IP he gave me to add to pfSense as the remote network.

    My question is whether I must do something in the NAT/BINAT section in phase 2. If I just enter the /32 IP as a virtual IP and then create NAT rules, is this going to work?

    Thanks a lot



  • Any ideas, guys? A reminder for the above post: we want traffic from site1 to site2 to appear from a single /32 IP.

    Thanks a lot