<![CDATA[1:1 NAT across IPsec tunnel?]]>

<![CDATA[1:1 NAT across IPsec tunnel?]]>Hello,

I saw this was not supported in the past (3+ years ago) and wanted to see if this is possible in the latest version or if anyone else has been able to get this to work?

I've done 1:1 host NAT entries before with ASAs and would like to do the same with pfSense. I understand BiNAT works under the phase 2 settings for the entire network but I'd like to NAT multiple 1:1 entries. Setting up at outbound NAT or 1:1 NAT shows the internal IP undergoing NAT but it never traverses the IPsec tunnel.

Still a no-go with pfSense?

Thanks for your time!

]]>https://forum.netgate.com/topic/144094/1-1-nat-across-ipsec-tunnelRSS for NodeWed, 15 Apr 2026 20:24:20 GMTWed, 12 Jun 2019 14:10:15 GMT60<![CDATA[Reply to 1:1 NAT across IPsec tunnel? on Thu, 13 Jun 2019 14:44:03 GMT]]>You have to use Phase 2 entries with BINAT. You can make one phase 2 entry per mapping if you must do them individually.

]]>https://forum.netgate.com/post/848162https://forum.netgate.com/post/848162Thu, 13 Jun 2019 14:44:03 GMT