Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - hpsn

Pages1
#1
Virtual private networks / VIP (IP Alias) on VTI
October 20, 2025, 03:16:43 AM
Hi All,

I have a need to configure a VIP on an IPSec VTI, however, when I do this, I cannot see this VIP in the ipsecX interface, nor can I use the VIP in a (S/D)NAT policy. The configured VIP also does not respond to ICMP from the LAN (when an allow all policy exists on the LAN).

Are VIPs on VTI with the new IPSec implementation supported?

Any pointers will be greatly appreciated.

Thanks

#2
Virtual private networks / Re: Switch to VTI filtering and NAT (instead of enc0)
October 19, 2025, 02:41:50 AM
Thank you for providing that clarity! Will have another go at it.
#3
Virtual private networks / Switch to VTI filtering and NAT (instead of enc0)
October 18, 2025, 01:08:25 AM
Hi All,

pfSense has the following configuration option that allows the filtering to be done on the VTI and that also support NAT on the VTI.

PFsense IPsec Filter Mode

Can someone please tell me what is the equivalent option in 25.7.x and the new VPN/IPsec implementation?

Many Thanks
Pages1