NAT and IPSec



  • Hi!

    I need connect a IPSec VPN and a create a NAT with invalid IP. Its possible?

    Example: 2 peers, 200.200.200.1 (I) and 100.100.100.2 (other peer)
    my LAN is 192.168.0.1/24 and this IPSec VPN need I connect with IP 10.10.10.4/32 in this VPN. Because in other network (network adm for clients) my LAN exists.

    How I configure a Outbound NAT for this?

    Anybody help?



  • I'm not sure I understand you correctly, so please bear with me. Are you trying to make a VPN connection to a remote subnet that is the same as your local subnet (both sides have 192.168.200.0/24 for example)? If this is the case and you are trying to get around that using NAT, I'm not sure if it's possible.



  • Yes, Is it.

    I need a force an outbound NAT for invalid IP. Example: 10.10.10.5/32 for my LAN 192.168.0.0/24.

    You Understand me?

    Thanks for help.


  • Rebel Alliance Developer Netgate

    Unfortunately this isn't currently possible due to limitations in the underlying software. There have been a few proposals to fix it, but it will take some time from a dev with the C skills to pull it off, which in this case means someone may need to donate some $$$ to a bounty to make it happen. Check the expired bounties forum for info from the last time this came up.


Log in to reply