Netgate Discussion Forum

    Outbound NAT not translating over IPSec

      wrlsmik

      @hoba:

      This is not doable through the gui currently (not sure if it's doable at all).

      Does this mean that an Outbound NAT rule will not apply over IPSec VPN?

      We're attempting to translate the Source IP 10.10.70.x to a specific Source IP of 10.10.60.120 so that the remote side [of the VPN] would see traffic coming from 10.10.60.120 instead of 10.10.70.x. So far, our tests show that the NAT Translation is not carrying over to the remote side. Pings still show coming from 10.10.70.x.
      I thought that there could be an XML command that could assist, but have not found one yet.

      <nat>
        <ipsecpassthru/>
        <advancedoutbound>
          <rule>
            <source>
              <network>10.10.70.0/24</network>
            </source>
            <sourceport/>
            <descr/>
            <target>10.10.60.120</target>
            <interface>lan</interface>
            <destination>
              <address>172.16.0.0/23</address>
            </destination>
            <natport/>
          </rule>
          <enable/>
        </advancedoutbound>
      </nat>
