Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPSec & NAT

    NAT
    3
    4
    673
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dsvj1977 last edited by

      Hi everyone!

      I have a situation, and I hope this is the right place to ask the question!  If not, please kick me repeatedly and shove to the right area.

      I have an IPSec tunnel setup, my endpoint IP being 10.42.10.255.  The remote endpoint IP is 10.42.10.254.  I need to create a NAT rule, as the machine I need to access on the other end is 172.20.50.243.  My local LAN subnet is 192.168.1.0/24.  Where is in pfSense would I start to solve this issue?

      Thanks,
      Daryl

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned last edited by

        How did you come up with the idea that you need the NAT?

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis last edited by

          With the right remote networks specified across the VPN tunnel, and firewall rules that pass the traffic, traffic will be routed fine. There is no need for NAT.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • D
            dsvj1977 last edited by

            Well, it turns out the information originally provided to me was incorrect, and helps to answer why doktornotor questioned the validity of needing NAT! :)

            Turns out my local IP will be 172.20.50.243.
            There are 2 machines I am accessing on the other end, and they are 10.42.10.254 and 10.42.10.255.  I need to NAT from 192.168.1.0/24 to 172.20.50.243, as the other end rejects the connection otherwise.

            Does any of this make sense?

            Thanks,
            Daryl

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy