4. IPSec: NAT for every local Subnet?

IPSec: NAT for every local Subnet?

  • J

    Hi,

    we plan to change from OpenBSD to Pfsense. We have

    6x Local Subnets (like 192.168.x.x/24)
    10x IPSec Phase 1
    18x IPSec Phase 2 (like 10.200.0.0/16, 192.168.x.x/24)

    NAT Network 192.168.136.0/24

    I was testing the IPSec Connections on PfSense, but did I realy setup one Phase2 for every local Subnet for NAT?

    On OpenBSD we have a loopback Interface for NAT.

    "localnetwork>NAT_loopback_Interface>Tunnel>remote Network"
    "192.168.x.x>192.168.136.1>ESP>10.200.0.0/16"

    But did not find any Option for creating loopback Interface on PFsense.

    Or is there a easy way for NAT from multiple local Subnet into IPSec Tunnels?

    I don`t want to have like over 100 Phase2 Tunnels.

    Thanks a lot.

    0
  • E

    You can specify the NAT translation on the phase2 settings page.
    It is clearly marked as NAT segment translate.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy