Automatic outbound NAT rules and GRE

  • I spotted something that seems like an incorrect behavior. I am using hybrid/automatic outbound NAT rules on pfSense 2.4.2. After adding a GRE interface and enabling it, automatic outbound NAT rules appear for it and cannot be removed. This doesn't seem to be a correct configuration, because one wouldn't usually want to perform NAT on the GRE interface. Is this a bug or expected behavior?

  • Can someone confirm that this isn't the expected behavior? I intend to log a feature request to be able to exclude a GRE interface from the automatic outbound NAT rule generation.

  • Can anybody answer this? Does it seem reasonable to have a checkbox for every gateway providing the possibility to exclude that particular gateway from automatic outbound NAT rules? Or perhaps have such a checkbox for GRE interfaces only?