Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec outbound address

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 286 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DanAvni
      last edited by

      Hi,

      We are setting up an IPSec connection from our local pfSense to a remote customer (he is using FortiNet). He has some limitation on his side that the source address of packets coming through IPSec cannot be the same address as the connection itself nor can he use any private IP address range (so if our public IP address is 1.1.1.1 and our local LAN is 10.0.0.0/24 he needs the source address in the packets set on IPSEC to be neither of the addresses above - 1.1.1.2 or even 8.8.8.8 is ok with him or anything we want because he is doing on his side NAT and he just cares the address is not the same as our public IP)

      How can we change for this IPSEC connection only the source address? should this be done in NAT->Outbound? somewhere else? must the IP we select belong to the subnet of our WAN or can we use any valid IP address even if it does not belong to us?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.