OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • IPSEC BiNAT - Migrating from pfS
« previous next »
  • Print
Pages: [1]

Author Topic: IPSEC BiNAT - Migrating from pfS  (Read 1432 times)

juliocbc

  • Full Member
  • ***
  • Posts: 232
  • Karma: 9
    • View Profile
    • Cloudfence
IPSEC BiNAT - Migrating from pfS
« on: February 21, 2019, 05:34:49 pm »
Greetings from IPSec outerspace!  :)

I'm importing a config from an old pfsense with IPSEC Binat enabled, but when I try to create the NAT 1:1 rule, an error is show.

Scenario:
Local Network: 10.20.30.0/24
Translated Address (that is in SPD entry): 192.169.200.16/32

If the subnet mask are the same, the rule is created without problems, but like I've mentioned above, the existing config uses differents masks.

Am I missing something?

Attached the example rule and the error.

Logged
Cloudfence Open Source Team

hancke

  • Newbie
  • *
  • Posts: 6
  • Karma: 1
    • View Profile
Re: IPSEC BiNAT - Migrating from pfS
« Reply #1 on: March 08, 2019, 09:01:16 pm »
If you will click the full help you will see the info below.  Use NAT for unequal sized networks

"Select BINAT (default) or NAT here, when nets are equally sized binat is usually the best option.Using NAT we can also map unequal sized networks.
A BINAT rule specifies a bidirectional mapping between an external and internal network and can be used from both ends, nat only applies in one direction."

Docs on NAT
https://wiki.opnsense.org/manual/how-tos/ipsec-s2s-binat.html
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • IPSEC BiNAT - Migrating from pfS
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.18 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2