[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NAT and ipsec



Hi all,

I have two networks at home, one being part of a vpn with my office.
I would like to nat the second one so it can also access the vpn (I know I could configure the second network to be part of the vpn but it's more a nat test)
I have a rule like this:


nat on $int_if from 192.168.1.0/24 to <vpn> -> 192.168.170.250

192.168.170.250 being a valid address for vpn and 192.168.1.0/24 being a network not configured for vpn.
This doesn't work, although I see in the states list that pf seems to translate as requested..
Is it because the ipsec stack looks at the packet before it is processed by pf ?


Is there a solution ?