IPSEC Nat Issues



  • I've seen these questions asked elsewhere, but I'm hoping someone can point me to the specific documentation on how to make this happen.

    My Network: 10.10.10.0/24
    Customer Network 10.0.0.0/8
    Customer Endpoint 10.120.0.32 (I can ping this)

    They want me to have an endpoint of 172.16.199.1
    My actual endpoint that needs to recieve traffice is 10.10.10.210

    How would I setup phase two to make this happen?

    Thank you very much in advance,


  • Rebel Alliance Developer Netgate

    In the local network part of the phase 2, put Address and 10.10.10.210. Directly underneath that, put the NAT address to show the other side, 172.16.199.1.

    For the remote network, if you need to reach all of 10/8, put that, otherwise put in the IP address they gave, 10.120.0.32


Log in to reply