Project

General

Profile

Bug #9320

Outbound NAT and multiple IPSEC IPs for mobile warriors

Added by Christian R. over 1 year ago. Updated about 2 months ago.

Status:
Resolved
Priority:
Normal
Category:
Rules / NAT
Target version:
Start date:
02/13/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.x
Affected Architecture:
All

Description

https://github.com/pfsense/pfsense/pull/4049

Normally all IPs are added to the automatic outbound NAT. With the changes from [[https://redmine.pfsense.org/issues/8644]] / [[https://github.com/pfsense/pfsense/pull/3965]] this got lost for the individual IPSEC IPs.

github pull request has the fix inside.

History

#1 Updated by Jim Pingle over 1 year ago

  • Subject changed from Outbount NAT and multiple IPSEC IPs for mobile warriors to Outbound NAT and multiple IPSEC IPs for mobile warriors

#2 Updated by Vladimir Lind over 1 year ago

Applied https://github.com/pfsense/pfsense/pull/4049/commits/8897cbce7fc410029ac367eeee7c12261fec896f via system_patches and verified that individual mobile IPsec IP (added via VPN> IPsec> Pre-Shared Keys) appeared as source network in outbound NAT in auto mode.
Looks good, though system_patches showed - "Patch can NOT be applied cleanly" - when pressing "Test" patch.

#3 Updated by Jim Pingle over 1 year ago

  • Category set to Rules / NAT
  • Target version set to 2.5.0
  • Affected Version set to 2.4.x
  • Affected Architecture All added
  • Affected Architecture deleted ()

#4 Updated by Jim Pingle 10 months ago

  • Status changed from New to Pull Request Review

#5 Updated by Renato Botelho 5 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

Pull request has been merged. Thanks!

#6 Updated by Viktor Gurov 2 months ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20200423.1513 -
adds IP addresses from VPN / IPsec / Pre-Shared Keys pools to auto Outbound NAT

#7 Updated by Jim Pingle 2 months ago

  • Status changed from Resolved to Feedback
  • Target version changed from 2.5.0 to 2.4.5-p1

#8 Updated by Jim Pingle about 2 months ago

  • Status changed from Feedback to Resolved

per-user IPsec subnets are now present in automatic outbound NAT rules.

Also available in: Atom PDF