Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT-T Settings

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      iammist
      last edited by

      Hi all,

      Relatively new to pfSense, I'm trying to connect an IPSec tunnel between pfsense and a Palo Alto. Found a guide online and it is advising me to disable NAT-T, however, in the Phase 1 settings, Advanced options, I only have an option for Auto and Forced, but no disable. Is there something I am doing wrong here? We are using pfSense 2.2.1.

      Let me know if you need any further info.

      Cheers.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        The underlying keying daemon used in 2.2x and newer, strongswan, doesn't have an option to completely disable NAT-T. Leaving it to auto is best. There's no need to disable it.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.