NAT 1 to 1 with only WAN interface available traffic from ipsec tunnel



  • I am unable to get traffic forwarded to clients behind the WAN interface using 1 to 1 NAT for traffic coming from an IPsec tunnel. Is there any other configuration that I'm missing?

    If I create a virtual IP and create a 1 to 1 NAT to the WAN interface IP address it works (can ping from other end of the tunnel), but any other host on the WAN interface I cannot.

    *Virtual pfSense appliance with only one interface (WAN) on Amazon AWS.

    Thanks.


  • LAYER 8 Netgate

    NAT for IPsec traffic is handled in the Phase 2, not on WAN.

