https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248474
--- Comment #2 from Ziomalski <kokosm...@gmail.com> --- (In reply to crest from comment #1) The reason I posted here was because of the following pfSense Dev response: https://forum.netgate.com/topic/155803/nat-still-broken-on-ipsec-vti/2 I am currently on pfS 2.4.5 which is still FreeBSD 11.3. I have my 192.168 lan subnet that needs to communicate accross a VTI as a single IP 10.x.y.z with NAT. Packet capture on the VTI shows correct translation in both directions however it never reaches back to my LAN. However, I have noticed that the default deny rule on the WAN shows the 10.x.y.z destination as blocked. My ipsec firewall tab has an allow *all* rule. If you are positive about 12.1, I think my best bet is to spool up the new 20.7 Opnsense and give it a go there. I can provide the details to my current config but I think this is a dead end with 11.3 Thanks for your help! -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
