How to configure binat for a VPN tunnel?

IPsec
Log in to reply
  • T

    Hello,

    I have a lot of branch offices with the same subnet addresses configured that I need to interconnect to me via VPN tunnels.  I don't think my Cisco PIX 535 endpoint would be able to tell them apart if I did not binat these subnets to be unique from each other.

    So, I need to set up IPSec VPN tunnels where the remote network (eg. 172.16.10.0/24) addresses my local network (eg. 192.168.1.0/24) as a different subnet (eg. 192.168.74.0/24).  My local network should be able to address the remote network as well.  What is the best way to do this?  I am running the embedded nanobsd version '1.2.3-RELEASE'.

    Thanks,

    Todd

    0
  • jimp
    Rebel Alliance Developer Netgate

    You can't do NAT+IPsec on pfSense 1.2.3. You can do it on 2.0, however.

    0
  • T

    Hi,

    OK, thanks.  Assuming the current 2.0 is OK for a production gateway VPN/NAT router?

    Thanks,

    Todd

    0
  • jimp
    Rebel Alliance Developer Netgate

    It's still BETA (BETA5 actually) and there are a couple of issues that some people hit in the last few weeks that are problematic.

    I'd say it's worth trying as a proof of concept but I would hesitate to put a current snapshot into production as-is for the moment.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy