OPNsense Forum
English Forums => Virtual private networks => Topic started by: wtelese on November 17, 2022, 07:47:06 pm
-
Hello to everyone,
I have a customer that comes to my firewall with an IPsec VPN.
SITE A -> WAN 1.2.3.4 LAN 192.168.2.0/24
SITE B -> WAN 4.3.2.1 LAN 172.10.50.80/28
Phase1 - OK!
Phase 2 - Customer - Site B is behind NAT and told me these parameters
REMOTE IP SITE B 4.3.2.1
PRIVATE SUBNET SITE B 172.10.50.80/28
REMOTE IP SITE A 1.2.3.4
PRIVATE SUBNET SITE A 172.10.52.80/28
In Phase 2, these are the set parameters
LOCALNETWORK Network 172.17.52.80/28
REMOTENETWORK Network 172.17.50.80/28
Manual SPD Entries 192.168.2.0./24
After that, I created a One-to-One NAT
TYPE NAT
EXTERNAL NETWORK 172.17.52.80/28
SOURCE NETWORK 192.168.2.0/24
DESTINATION NETWORK 172.17.50.80/28
BUT ... IT DOES NOT FUNCTION!!
In the log the error is
traffic selectors 172.17.52.80/28 === 172.17.50.192/28 unacceptable
What am I doing wrong? What is the wrong parameter?
Can you help me, please?