Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Policy based VPN with NAT on TNSR

    TNSR
    2
    3
    869
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prasadpkulkarni last edited by

      Hi ,

      Is it possible to set Policy Based VPN on TNSR with Source NAT ( similar to PFSense ) ?

      also does route based VPN support source NAT for IPsec VPN ?

      Thanks in advance

      Regards,

      Prasad

      Derelict 1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate @prasadpkulkarni last edited by

        @prasadpkulkarni said in Policy based VPN with NAT on TNSR:

        Hi ,

        Is it possible to set Policy Based VPN on TNSR with Source NAT ( similar to PFSense ) ?

        I assume you are referring to what is possible with OpenVPN, since NAT is not supported on IPsec VTI interfaces?

        No, policy-based routing is not currently supported.

        also does route based VPN support source NAT for IPsec VPN ?

        tnsr handles NAT differently than pfSense, operating on inside and outside interfaces and pools, instead of source addresses and outbound interfaces. I have not personally tried making an IPsec ipip interface a NAT outside interface but it seems like it could work. You can read all about NAT in tnsr here:

        https://docs.netgate.com/tnsr/en/latest/nat/index.html

        Thanks in advance

        Regards,

        Prasad

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 1
        • P
          prasadpkulkarni last edited by

          @Derelict

          Thanks for reply , I think I got answer for Policy Based VPN ( like PFSense) that it is not supported on TNSR

          What I am looking for is have NAT before IPSec due to overlapping of Private Network , is that possible ? the NAT document gives info related to NAT at interface level but not for what I am looking for ( IPSec ).

          Is there any reference documents for this ?

          Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post