Author Topic: 1:1 NAT over routed IPsec  (Read 950 times)

utahbmxer

« on: July 20, 2022, 11:31:57 pm »
Trying to convert an existing VPN from policy to route-based. The tunnel works fine, but when I enable my 1:1 NAT rule, the traffic never actually leaves the firewall. It's funny: if I do a tcpdump on the VTI, it appears that traffic is leaving. However, it's not, as I don't see the ESP frames leave my WAN interface, nor are they seen at the remote site. Disable the NAT and traffic flows.

To use the 1:1 NAT on the policy-based tunnel, I had to add the "real" local host into the Manual SPD entries field of the phase2 entry; however, that is not present on routed tunnels. I'm at a loss.