Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Need to appear as different subnet over IPSec VPN

    NAT
    3
    4
    1599
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      ttblum last edited by

      Hello,

      I have a lot of LANs with subnet '192.168.1.0/24' that all need to connect to a LAN behind a Cisco 3005 VPN Concentrator via IPSec VPNs.  I'm wanting to save myself the trouble of having to reconfigure each LAN locally to a different subnet.  I'm assuming there's a way to configure pfSense to NAT the VPN traffic so that the '192.168.1.0' LANs can address the network behind the 3005, and the LAN behind the 3005 can address the '192.168.1.0' network as a different subnet?  Let's say the subnet behind 3005 is '172.16.1.0/24'.

      Thanks,

      Todd

      1 Reply Last reply Reply Quote 0
      • Cry Havok
        Cry Havok last edited by

        No.

        You can do it one way, so that everything can access the 172.16.1.0/24 subnet, but not the other way.

        I'm afraid you'll need to take the hit and renumber those networks.  I'd suggest you use the 10/8 range.  Pick a /16 in that (say 10.128) and then start numbering the networks at zero (10.128.0/24).

        1 Reply Last reply Reply Quote 0
        • T
          ttblum last edited by

          Is pfSense capable of binat, or bidirectional nat?

          Thanks,

          Todd

          1 Reply Last reply Reply Quote 0
          • E
            Efonnes last edited by

            Yes, look under Firewall: NAT: 1:1.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post