NAT enhancements in future revisions?
-
I am running pfSense 1.2.3 RELEASE, and I would like to know if the 2.0 version does or will support the following:
-Allow for the local subnet in an IPSec tunnel to be NAT enabled. i.e. Set the local subnet to a CARP address that uses port forwarding to different hosts and ports. Additionally, all traffic returning to the remote subnet would need be able to have a complimentary outbound NAT rule. Currently there is no way to make this work in pfSense 1.2.3 as I understand it.
-Allow for port forwarding to be source determined. i.e. If 192.168.168.100 and 192.168.168.101 both send traffic to 192.168.168.2 on port 1234, their messages could potentially be sent to completely different destinations determined by where it came from.
If not, is there some form of feature request I can submit?
–Thank you
-
Port forwards do allow you to specify what the source must be for the rule to match in 2.0.
I've heard NAT is supposed to work on IPsec, though I haven't seen any reports on whether it does actually work after having added it to the list of available interfaces for NAT rules.