I found a problem! I very sorry. I didn't pay attention to outgoing NAT
rules and tagging outside the internal network.
pass out quick on egress tagged OUT nat-to X.X.X.3
pass in quick on { $prod_if $mgmt_if } from to ! tag OUT
Sorry again. I'm inconsiderate. :(
чт, 19 нояб. 2020 г. в 20:45, De
Hello all!
I'm trying to create an IPSec (IKEv1) tunnel from my router to foreign
host. I've got FLOWS and SAD records for foreign host, everything might be
ok but esp packets go from the wrong IP address.
Configuration (sorry I need to hide my real net):
Foreign router:
Y.Y.Y.Y/24 - foreign net
2 matches
Mail list logo
