IPSec phase2 with NAT/BINAT both sides fails to communicate

  • When I set up an IPSec tunnel with phase2 using NAT/BINAT, communication to the NAT'ed side stops.

    When I remove the NAT/BINAT, all is well.

    I have read https://forum.pfsense.org/index.php?topic=132486.0 which seems quite similar, except that my far side is not Azure, but another pfSense box that I have control over.

    Of course, if this was my "live" setup, I could just not use NAT, but in the final setup, I need to connect to a service provider who doesn't allow us to do comms over private IP addresses.

    Has anyone run into this and how did you fix it?
    ![Side1 rules.png](/public/imported_attachments/1/Side1 rules.png)
    ![Side2 rules.png](/public/imported_attachments/1/Side2 rules.png)
