IPSEC with NAT on one end

  • Hi,

    I need to connect some users to a remote partner network using IPSec.

    I'm using pfSense after a router serving a intermediate network with NAT.

    User +
    User +–-+ pfSense +---+ Netopia Modem/Router +---+ Internet +---+ Nortel Contivity
    User +

    I think my users could be seen as roadwarrior users sharing the same link.

    What are the aspects to address? Is there particular setup to be performed on pfSens/Nat side?



  • Does your Netopia have VPN capability? If so, it may be easier to set up the VPN from the Netopia to Nortel and just allow the necessary traffic through pfSense.
    Otherwise, check out the doc below.


  • I moved the IPSec to an opt connection with a internet ADSL modem connected to, so the IPSec is dirrectly on Internet without NAT anymore.

    I'll move to other trouble I guess.

Log in to reply