[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NAT and ipsec
I have two networks at home, one being part of a vpn with my office.
I would like to nat the second one so it can also access the vpn (I know
I could configure the second network to be part of the vpn but it's more
a nat test)
I have a rule like this:
nat on $int_if from 192.168.1.0/24 to <vpn> -> 192.168.170.250
192.168.170.250 being a valid address for vpn and 192.168.1.0/24 being a
network not configured for vpn.
This doesn't work, although I see in the states list that pf seems to
translate as requested..
Is it because the ipsec stack looks at the packet before it is processed
by pf ?
Is there a solution ?