NAT before IPSEC - reply packets stuck at enc0
Muenz, Michael
m.muenz at spam-fetish.org
Wed Jul 19 09:27:10 UTC 2017
Am 19.07.2017 um 10:32 schrieb Andrey V. Elsukov:
>
> What about reverse NAT rule? You need to translate decrypted packets
> back to 10.26.2.0, otherwise they will still have 10.26.1.1 IP address
> as final destination and will not be forwarded to 10.26.2.0.
>
Hi Andrey,
I'm not really familiar with ipfw syntax, I'm more the linux guy and
there the state you be tracked.
How should I build the rules to do the reverse nat? I'm googling for 2
days now but I only found port redirects for this.
Thanks for taking the time!
Michael
More information about the freebsd-net
mailing list