Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
1:1 BINAT/NAT IPSEC
« previous
next »
Print
Pages: [
1
]
Author
Topic: 1:1 BINAT/NAT IPSEC (Read 3536 times)
hancke
Newbie
Posts: 6
Karma: 1
1:1 BINAT/NAT IPSEC
«
on:
March 08, 2019, 09:33:05 pm »
I'm having issues getting 1:1 NAT to work consistently in use with an IPSEC tunnel. The NAT'd IP will not trigger the IPSEC but I can ping through the tunnel if I start it manually under Status Overview.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: 1:1 BINAT/NAT IPSEC
«
Reply #1 on:
March 09, 2019, 07:13:25 am »
I'd rather look why the VPN is not always on?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
hancke
Newbie
Posts: 6
Karma: 1
Re: 1:1 BINAT/NAT IPSEC
«
Reply #2 on:
March 10, 2019, 04:25:50 pm »
My guess is the 1:1 NAT is not working correctly and interesting traffic never hits the tunnel to bring it up.
Add:My translated NAT IP is an IP within the WAN subnet. Not sure if that matters.
«
Last Edit: March 10, 2019, 04:49:12 pm by hancke
»
Logged
hancke
Newbie
Posts: 6
Karma: 1
Re: 1:1 BINAT/NAT IPSEC
«
Reply #3 on:
March 10, 2019, 05:43:35 pm »
Deleted the IPSEC and 1:1 NAT entries and started over. I can get the tunnel up with one of two phase 2 entries but not both. It appears that PAT is not working on 1:1 NAT.
I can make this same config work on a Sonicwall or pfsense. Seems Opnsense does NAT on IPSEC a little different.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
1:1 BINAT/NAT IPSEC