I don't know of a specific document speaking to this, but this doc i
think describes it right.
https://securitynetworkinglinux.wordpress.com/2019/04/19/how-create-a-site-to-site-ipsec-vpn-from-an-opnsense-to-a-fortigate-behind-a-nat-router/
in section 2.3 is where you change My Identifer to be the natted non
RFC1918 ip that the right side will see.
On 2/10/2022 1:55 PM, William Herrin wrote:
On Thu, Feb 10, 2022 at 10:47 AM Juri Grabowski <na...@jugra.de> wrote:
Or buy official supported hardware from https://shop.opnsense.com/
Howdy,
Opnsense looks like it might work. I dug through some of the
documentation but didn't find something entirely on point for my use
case. Are you aware of any documentation which describes:
LAN - OPNSense Appliance - (rfc1918) NAT Appliance (dynamic IP) -
Internet - (static IP) OPNSense appliance - LAN
Where the left-side OPNSense is responsible for establishing and
keeping the NAT translations alive without any special configuration
on the NAT?
Thanks,
Bill
