Re: [pfSense] IPSec nat issue

2016-05-27 Thread Mark Wiater
On 5/27/2016 3:57 PM, Lyle Giese wrote: > unsure how easy that might be. Couldn't you eliminate the conflict by re-addressing your 192.168.1/24 to something else in rfc1918 land? -- Mark Wiater

Re: [pfSense] IPSec nat issue

2016-05-27 Thread Lyle Giese
On 5/26/2016 1:23 PM, Mark Wiater wrote: On 5/26/2016 2:09 PM, Rosen Iliev wrote: The other end has a conflict with our LAN addressing(192.168.1.0/24). So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the local Network. NAT/BINAT network of 192.168.85.0/24. Their remote network

Re: [pfSense] IPSec nat issue

2016-05-27 Thread Lyle Giese
Pinging 192.168.85.187 from 192.168.75.220. I am trying to map 192.168.85.x to 192.168.1.x with NAT. Lyle On 5/26/2016 1:09 PM, Rosen Iliev wrote: Hi Lyle, Which IP are they pinging exactly? Rosen Lyle wrote on 5/25/2016 6:54 PM: I am trying to install a new pfSense appliance running 2.3

Re: [pfSense] IPSec nat issue

2016-05-27 Thread Lyle Giese
That's a typo. All routes/subnets are rfc 1918, 192.168.x.x Lyle On 5/26/2016 9:40 AM, Steve Yates wrote: Jumping in midway through, 193.168.1.0/24 belongs to Universite du Luxembourg. If that's not you then the other end could be routing packets there. -- Steve Yates ITS, Inc.

Re: [pfSense] IPSec nat issue

2016-05-27 Thread Lyle Giese
I was running packet capture on the IPSec interface looking for traffic to/from 192.168.75.x and 192.168.85.x and only saw traffic when I pinged their server. Lyle On 5/26/2016 9:32 AM, ED Fochler wrote: I agree. I typically ssh in as root and tcpdump to get a more interactive view of the

Re: [pfSense] IPSec nat issue

2016-05-27 Thread Lyle Giese
I think they would ping 192.168.85.x and incoming pfSense would forward that traffic to 192.168.1.x, doing a 1:1 type NAT. Lyle On 5/26/2016 7:44 AM, Vick Khera wrote: On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: The other end has a conflict with our LAN

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Peder Rovelstad
On 5/26/2016 2:09 PM, Rosen Iliev wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). > So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the > local Network. NAT/BINAT network of 192.168.85.0/24. Their remote > network is 192.168.75.0/24. It's

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Mark Wiater
On 5/26/2016 2:09 PM, Rosen Iliev wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). > So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the > local Network. NAT/BINAT network of 192.168.85.0/24. Their remote > network is 192.168.75.0/24. It's probably

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Rosen Iliev
Hi Lyle, Which IP are they pinging exactly? Rosen Lyle wrote on 5/25/2016 6:54 PM: I am trying to install a new pfSense appliance running 2.3 Release. Works fine until I set up an IPSec tunnel. The other end has a conflict with our LAN addressing (192.168.1.0/24). So in phase 2, we set up a

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Steve Yates
Jumping in midway through, 193.168.1.0/24 belongs to Universite du Luxembourg. If that's not you then the other end could be routing packets there. -- Steve Yates ITS, Inc. -Original Message- > On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: > >> The other end has

Re: [pfSense] IPSec nat issue

2016-05-26 Thread ED Fochler
I agree. I typically ssh in as root and tcpdump to get a more interactive view of the network, but packet capture should give you the same data. You should be seeing traffic even if it is rejected or dropped by your firewall rules. If you’re not seeing ping, it’s not showing up at your

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Vick Khera
On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). So > in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 > > for the local Network. NAT/BINAT network of 192.168.85.0/24. Their > remote network is

[pfSense] IPSec nat issue

2016-05-25 Thread Lyle
I am trying to install a new pfSense appliance running 2.3 Release. Works fine until I set up an IPSec tunnel. The other end has a conflict with our LAN addressing (192.168.1.0/24). So in phase 2, we set up a Tunnel IPv4 using 193.168.1.0/24 for the local Network. NAT/BINAT network of