4. 2.0.3 LAN-to-LAN IPsec VPN with Overlapping Networks

2.0.3 LAN-to-LAN IPsec VPN with Overlapping Networks

  • C

    I have a connection site2site with this parameters:

    Parameter of configuration
    Phase 1
    encryption aes-256
    authhentication SHA1
    DH Group 2 (1024bit)
    keylife 1440 minuti
    No aggressive mode

    Phase 2
    encryotion aes-256
    authhentication SHA1
    No PFS
    keylife 3600 seconds

    Site A
    Firewall: Pfsense 2.0.3-RELEASE (amd64)
    LAN network: 10.100.0.0/16
    DMZ network: 10.180.1.0/24

    I should use the  network 10.30.48.48 255.255.255.240 to NAT some servers on tunnel ipsec.

    Site B ( a big company)
    Firewall: Fortinet ??
    lan network: I don't know
    Remote LAN for tunnel ipsec: 10.159.48.48 255.255.255.240

    If I specify the 10.159.48.48 on Local Network for Ipsec tunnel the button for connection is missing…

    Is possible to use the network 10.30.48.48 for nat my servers (LAN o DMZ interface) on tunnel VPN ?
    How can I do this ?

    thank you for your support

    0
  • C

    Sorry I read just now that with the new release 2.1

    New features :  will be implemented on IPSEC  NAT before IPsec (1:1 or many:1) outbound.

    I think that with 2.0.3 is not possible to configure IPSEC with NAT. Is correct ?

    0
  • Rebel Alliance Developer Netgate

    Correct, NAT+IPsec will only work on 2.1 using the NAT option in the Phase 2 settings.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy