OPNsense Forum
Archive => 19.1 Legacy Series => Topic started by: hancke on March 08, 2019, 09:33:05 pm
-
I'm having issues getting 1:1 NAT to work consistently in use with an IPSEC tunnel. The NAT'd IP will not trigger the IPSEC but I can ping through the tunnel if I start it manually under Status Overview.
-
I'd rather look why the VPN is not always on?
-
My guess is the 1:1 NAT is not working correctly and interesting traffic never hits the tunnel to bring it up.
Add:My translated NAT IP is an IP within the WAN subnet. Not sure if that matters.
-
Deleted the IPSEC and 1:1 NAT entries and started over. I can get the tunnel up with one of two phase 2 entries but not both. It appears that PAT is not working on 1:1 NAT.
I can make this same config work on a Sonicwall or pfsense. Seems Opnsense does NAT on IPSEC a little different.