[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NAT and ipsec

Hi all,

I have two networks at home, one being part of a vpn with my office.
I would like to nat the second one so it can also access the vpn (I know I could configure the second network to be part of the vpn but it's more a nat test)
I have a rule like this:

nat on $int_if from to <vpn> -> being a valid address for vpn and being a network not configured for vpn.
This doesn't work, although I see in the states list that pf seems to translate as requested..
Is it because the ipsec stack looks at the packet before it is processed by pf ?

Is there a solution ?