OPNsense Forum

English Forums => 25.1, 25.4 Production Series => Topic started by: smccloud on May 21, 2025, 04:52:46 PM

Title: Change IPSec ports?
Post by: smccloud on May 21, 2025, 04:52:46 PM
I currently have a pfSense VM at work with the IPSec ports set to 501 and 4501 so as not to overlap with the main Meraki Client VPN we use. I want to replace it with an OPNsense VM, but I need to use the same ports for IPSec.  Is this possible with OPNsense?  I know it is not a normal use case, and I am fine with it.
Title: Re: Change IPSec ports?
Post by: viragomann on May 21, 2025, 06:04:20 PM
Yes, in IPSec "Connections" you can state local and remote port if you enable the advanced mode.
Title: Re: Change IPSec ports?
Post by: Monviech (Cedrik) on May 21, 2025, 06:07:38 PM
You can only choose 500 or 4500 from that dropdown to stay aligned with IPsec standards.
Title: Re: Change IPSec ports?
Post by: viragomann on May 21, 2025, 06:14:08 PM
I see. I thought it was possible to state a custom port there.

So maybe natting the port can be a workaround.
Title: Re: Change IPSec ports?
Post by: smccloud on May 21, 2025, 07:52:01 PM
Quote from: viragomann on May 21, 2025, 06:14:08 PM
I see. I thought it was possible to state a custom port there.

So maybe natting the port can be a workaround.


I have tried to use NAT for pfSense and that doesn't work so well, so I don't think it will work for OPNsense either :(

I suppose I could try one of our alternative IPs and see if it works, I know they don't work for everything though, since Merakis are weird for outbound traffic when they come in on them.