NAT/Route before IPSEC from my LAN



  • Hi there

    I've got successful established a tunnel with one Phase 1 and 5 Phase 2 with PFsense to an Astaro device from my costumer. The remote networks are 192.168.29.0/24  192.168.41.0/24 192.168.48.0/24 192.168.57.64/27 192.168.251.176/28. The network where I can access them is 10.251.0.0/24. My local LAN's are 192.168.0.0/24 172.16.100.0/16  172.16.110.0/16 172.16.120.0/16 172.16.130.0/16. On the LAN Interface I've added an Alias with 10.251.0.1.

    How I could access the remote LAN's from my local LAN's

    cheers Darko


  • Rebel Alliance Developer Netgate

    If you need NAT+IPsec, you'll need to use 2.1. There you can specify a NAT subnet on the Phase 2 entry.



  • Is this still the case in 2015?


  • Rebel Alliance Developer Netgate

    @jameswhite:

    Is this still the case in 2015?

    NAT+IPsec has been integrated and working since 2.1-RELEASE, so if you are on a current firmware, you can do NAT+IPsec on the Phase 2 options. If you need help, please start a new thread.


Locked