NAT VPN Ipsec Pfsense



  • I have a vpn Ipsec set but the P2 there are two hosts with the same network rank 172.20.x.x as my lan. The other site can not perform masked in its presentation. How do I solve it from my side? I need to perform a nat to a fake ip and that it goes to the vpn? sorry for mi english


  • Rebel Alliance Developer Netgate

    If you are already connected to a site that has that network, then the other side must do NAT, not you. There isn't a way for you to hide that conflict using a single firewall.

    There are some ugly ways around it, like setting up a second firewall to handle that one VPN and do NAT between your main firewall and that firewall, but it's not ideal.

    You could also renumber your LAN, but that would be significantly more work.