NAT and IPSec

beto_rvs

Hi!

I need connect a IPSec VPN and a create a NAT with invalid IP. Its possible?

Example: 2 peers, 200.200.200.1 (I) and 100.100.100.2 (other peer)
my LAN is 192.168.0.1/24 and this IPSec VPN need I connect with IP 10.10.10.4/32 in this VPN. Because in other network (network adm for clients) my LAN exists.

How I configure a Outbound NAT for this?

Anybody help?

Briantist

I'm not sure I understand you correctly, so please bear with me. Are you trying to make a VPN connection to a remote subnet that is the same as your local subnet (both sides have 192.168.200.0/24 for example)? If this is the case and you are trying to get around that using NAT, I'm not sure if it's possible.

beto_rvs

Yes, Is it.

I need a force an outbound NAT for invalid IP. Example: 10.10.10.5/32 for my LAN 192.168.0.0/24.

You Understand me?

Thanks for help.

jimp

Unfortunately this isn't currently possible due to limitations in the underlying software. There have been a few proposals to fix it, but it will take some time from a dev with the C skills to pull it off, which in this case means someone may need to donate some $$$ to a bounty to make it happen. Check the expired bounties forum for info from the last time this came up.