
Author Topic: NAT with dynamic interface address  (Read 338 times)


arielmoraes
NAT with dynamic interface address
« on: October 17, 2016, 03:50:47 pm »
Hello,

I have to configure a site-to-site Cisco AnyConnect VPN at my workplace.

I'm using the OpenConnect binary to do it and I've managed to create all the rules to get it working, BUT as it gives the tun interface a new IP every time I create a new connection, my NAT rule stops working.

The problem is that when I save the rule using the pfSense WebGUI, it saves the IP address that was given to the interface at that moment, and it never gets updated unless I click the save button again.

I can edit the OpenConnect script to add the necessary command to reload the rules, but first I have to update my VPN rule and I don't know how to do that.

My question is how can I do that? Is there a way to create a dynamic NAT rule?

Thank you.
« Last Edit: October 17, 2016, 04:01:54 pm by arielmoraes »

jochen42
Re: NAT with dynamic interface address
« Reply #1 on: November 11, 2016, 04:44:14 am »
Hi arielmoraes,

I have the same problem. Did you find a solution for this?

Regards, jochen

chrisistheking
Re: NAT with dynamic interface address
« Reply #2 on: February 17, 2017, 08:39:32 am »
Also got the same issue. Did anyone manage to figure out a way to do this in the script? I have to manually go into the GUI > Routing and click Apply Changes each time the VPN connection is dropped and restarted.