OPNsense Forum

English Forums => General Discussion => Topic started by: murmelbahn on June 04, 2019, 05:00:07 pm

Title: Problems with NAT in S2S VPN
Post by: murmelbahn on June 04, 2019, 05:00:07 pm
Hello all,

I have a problem with NAT in a site-to-site VPN.

My local network at the OPNsense is:

192.168.178.0/24

I'm using 3 tunnels in the second phase of my IPSec VPN. Each one is
on my side for one IP and on the other side for a whole network:

192.168.11.1/32 to 192.168.211.0/24
192.168.11.2/32 to 192.168.211.0/24
192.168.11.3/32 to 192.168.211.0/24

Because the network 192.168.178.0/24 is already in use at the remote side,
I'm using the 192.168.11.1, 11.2 and 11.3.

In the configuration for Phase 2 in the OPNsense I've created a
"Manual SPD" entry in each of the tunnels:

In 192.168.11.1/32 -> Manual SPD = 192.168.178.1/32
In 192.168.11.2/32 -> Manual SPD = 192.168.178.2/32
In 192.168.11.3/32 -> Manual SPD = 192.168.178.3/32

On the remote side the tunnel configuration looks like this:

192.168.11.1/32 to 192.168.211.0/24
192.168.11.2/32 to 192.168.211.0/24
192.168.11.3/32 to 192.168.211.0/24

I have two problems with this setup.

1: How can I tell the OPNsense firewall to rewrite outgoing packets from .178 to .11?
2: How can I tell the OPNsense firewall to rewrite incoming packets from .11 to .178?

I've found this:
https://docs.opnsense.org/manual/how-tos/ipsec-s2s-binat.html#

I've tried all possible settings in the One-to-One NAT but
it doesn't work :(

Can someone give me a hint what I have to do?

Thanks in advance