NAT-T Settings

  • Hi all,

    Relatively new to pfSense, I'm trying to connect an IPSec tunnel between pfsense and a Palo Alto. Found a guide online and it is advising me to disable NAT-T, however, in the Phase 1 settings, Advanced options, I only have an option for Auto and Forced, but no disable. Is there something I am doing wrong here? We are using pfSense 2.2.1.

    Let me know if you need any further info.


  • The underlying keying daemon used in 2.2x and newer, strongswan, doesn't have an option to completely disable NAT-T. Leaving it to auto is best. There's no need to disable it.

Log in to reply