pfSense

So I have a virtualized lab setup that has to connect to a corporate development lab. I have a layered setup where I have my MAC, vmware fusion, then two virtual machines, the pfsense and my development box. The last two are configured such that the development vm is behind the pfsense. My configuration is setup such that all traffic is to be routed thru the tunnel. (0.0.0.0/0)

If I setup the Networking to be NAT'd (share with host), the ipsec tunnel will spin up fine, but no traffic will traverse the firewall. I have validated this with tcpdump -i em0 -n esp and tcpdump -i enc0. Zero traffic is generated. I am connecting up to a Palo Alto Firewall.

If I setup the networking to be Bridged, then it works fine.

I cant always run bridged because alot of modern corporate wireless connections specifically do not hand out another dhcpd offer setups like this. Or atleast the ones I have to deal with. Forcing my hand to use NAT.

I have verified this behavior on 2.4.5p1 and 2.5.1