[Bug 248474] NAT broken on IPsec/VTI [if_ipsec]

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Aug 7 19:14:39 UTC 2020


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248474

Ziomalski <kokosmaps at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|Not A Bug                   |FIXED

--- Comment #23 from Ziomalski <kokosmaps at gmail.com> ---
(In reply to Michael Muenz from comment #22)
Thanks Michael for your comments/testing. 

Can you expand a bit on mixing route/policy based connections? I actually
require one of each for my setup. My production is running on EdgeMax and this
VTI/NAT issue was my last roadblock to switching to pf/opn-sense, or so I
thought.

[VTI]
LAN(192.168../16) -> filtered dest. subnets -> VTI with NAT(10.../32)

[Policy]
LAN(192.168../16) -> Remote net(60.../29) -> Tunnel with NAT(193.../32)
Local-193.../32
Remote-60.../29

Both of these VPNs are only used one way. The far end does not connect to our
resources.

You have me worried with your statement and so any advice would be great. Are
you a dev for one of the sense? Should I move this to a forum?

I'm a bit under-experienced compared to you guys (especially with the backend
stuff) so I really appreciate the help.



More information about the freebsd-net mailing list