On Thu, May 22, 2008 at 11:42 AM, Matthew Grooms <[EMAIL PROTECTED]> wrote: > > Hmmm. Assuming the L2TP clients are roaming with dynamic addresses, why not > setup rules that forward IPsec related traffic from anywhere but the static > IPsec peers to the L2TP host? I'm not sure how the pfsense rules would look > but in plain pf it would look something like this ... >
Hmm, that's a good idea. Unfortunately we only allow policy NAT in outbound NAT, not inbound, so that wouldn't be possible now. I opened a feature request ticket, that would be nice to have at some point. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
