Possible to translate incoming IPSEC addresses to router or network address(es)?

  • I have a working IPSEC between client and pfsense that can access the lan and browse via IPSEC:
    IPSEC client              pfsense                lan  ->  ->

    The IPSEC client is seen on the lan as 10.224.10.#, but due to a restriction, I need them translated to either the router (, old router does this) or preferably to a pool of local lan addresses. I tried using the nat/binat many different ways (subnet/single address, etc) but it never changed the IPSEC address. I tried other things I found but no luck.

    My questions are: Is this possible to do either with pfsense? If so, can someone point me in the right direction?  I obviously am missing something important.

Log in to reply