IPSEC BiNAT - Migrating from pfS

Started by juliocbc, February 21, 2019, 05:34:49 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 21, 2019, 05:34:49 PM
Greetings from IPSec outerspace!  :)

I'm importing a config from an old pfsense with IPSEC Binat enabled, but when I try to create the NAT 1:1 rule, an error is show.

Scenario:
Local Network: 10.20.30.0/24
Translated Address (that is in SPD entry): 192.169.200.16/32

If the subnet mask are the same, the rule is created without problems, but like I've mentioned above, the existing config uses differents masks.

Am I missing something?

Attached the example rule and the error.

Cloudfence Open Source Team
March 08, 2019, 09:01:16 PM #1
If you will click the full help you will see the info below.  Use NAT for unequal sized networks

"Select BINAT (default) or NAT here, when nets are equally sized binat is usually the best option.Using NAT we can also map unequal sized networks.
A BINAT rule specifies a bidirectional mapping between an external and internal network and can be used from both ends, nat only applies in one direction."

Docs on NAT
https://wiki.opnsense.org/manual/how-tos/ipsec-s2s-binat.html
Print
Go Up Pages1
User actions