From owner-freebsd-pf@FreeBSD.ORG Tue Jul 29 22:35:16 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8AAE8B9A for ; Tue, 29 Jul 2014 22:35:16 +0000 (UTC) Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 251482FB5 for ; Tue, 29 Jul 2014 22:35:16 +0000 (UTC) Received: by mail-wi0-f179.google.com with SMTP id f8so1337023wiw.12 for ; Tue, 29 Jul 2014 15:35:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=rYyd5hwuuFzl/xHhScpsiQBD1nOOEWKxZdiNiTGDn3Y=; b=fuR8rq5Sx45cS3lTMOPL1rXAxOoAzNmIk7zDLNH4i8tUQUJ3MLu2xTCGnmuwNE8FtZ yyl9rur0YxLWEr1V+KOUTaFebvgu+FXAdpVvqhA2nyof2rQPF6x7D4g1TWsX4iF501TI oiEEnEyOmrwlPdZJGnjemifUnKa9CzUzVaKfziPOR2Elq6B/8PGpIBk2CAIxOOpIgw4P cqp/VqLzY1+Ajsv7XWHnsXIoEpM9M2Nfvlu7H5zpn31xI75XV3g4OtKvHx6TNGh8WmXI gZbVHlaqTsJhhiYQ6aiLpMgPswNFQ+eNHPiL6yq32+HFkW+GhFr/3plc/Krf6bV7tj57 HFdw== X-Received: by 10.180.20.40 with SMTP id k8mr332436wie.54.1406673314220; Tue, 29 Jul 2014 15:35:14 -0700 (PDT) Received: from ?IPv6:2001:470:78f5:3:901d:db7:af09:1b6b? ([2001:470:78f5:3:901d:db7:af09:1b6b]) by mx.google.com with ESMTPSA id ey16sm48109422wid.14.2014.07.29.15.35.13 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 29 Jul 2014 15:35:13 -0700 (PDT) From: Sydney Meyer Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: NAT IPSec Traffic with pf Message-Id: <299C59F2-199F-4B27-9BB6-8ECC9FD77FDC@gmail.com> Date: Wed, 30 Jul 2014 00:35:12 +0200 To: freebsd-pf@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) X-Mailer: Apple Mail (2.1878.6) X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2014 22:35:16 -0000 Hello everybody, i am trying to get pf to 'nat' outgoing packets originating from a = IPSec-Subnet, as pf simply seems not to translate the address. When = routing the Subnet everything work as intended. After reading the interwebs, i noticed quite some threads reffering that = this particular one would be a known problem with FreeBSD's pf and/or = it's IPSec-Stack. Anyone knows about this? Cheers, S.=