OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Ipsec NAT/BINAT option missing
« previous next »
  • Print
Pages: [1]

Author Topic: Ipsec NAT/BINAT option missing  (Read 4017 times)

wickeren

  • Newbie
  • *
  • Posts: 10
  • Karma: 0
    • View Profile
Ipsec NAT/BINAT option missing
« on: September 09, 2017, 03:28:47 pm »
Reading the docs it seems there should be a NAT/BINAT options in the ipsec phase2 settings to do translation before the traffic enters the tunnel. However, in my setup (17.7.1) it is missing. Has this changed and are the docs not updated or am I missing something else?

Julian
Logged

AdSchellevis

  • Administrator
  • Hero Member
  • *****
  • Posts: 907
  • Karma: 184
    • View Profile
Re: Ipsec NAT/BINAT option missing
« Reply #1 on: September 09, 2017, 04:37:15 pm »
Hi Julian,

You need the manual SPD entries at the bottom of the phase 2 entry plus a nat/binat rule.
For more information see https://github.com/opnsense/core/issues/440

Best regards,

Ad
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17660
  • Karma: 1611
    • View Profile
Re: Ipsec NAT/BINAT option missing
« Reply #2 on: September 09, 2017, 04:50:03 pm »
The NAT/BINAT option no longer exists in the Phase 2 setup, I proposed a change in the docs to reflect that.

The setting is automatically set up now, unless you require NAT before IPsec, which Ad was pointing to with issue #440.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Ipsec NAT/BINAT option missing
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2