Colleagues, please tell me how I can most correctly implement my task.
There is a certain router that supports several corporate VPNs built using different technologies. Most of them form tun-type interfaces to establish a connection.
These interfaces live their own lives; some of them can be disconnected for some time and then connected in a different sequence. At the same time, tun-device numbers may change.
One of these tunnels is formed by the OpenConnect client. He also lives his own life. His number may also change.
As I understand it, OpenConnect does not have its own mechanism for creating NAT, and I will have to use the NAT of the PF firewall used in this machine.
How can I correctly link the tunnel interface that OpenConnect creates with the NAT functionality of PF so that they always find each other, given that the tunnel number can change?
Thanks in advance,
Ogogon.
There is a certain router that supports several corporate VPNs built using different technologies. Most of them form tun-type interfaces to establish a connection.
These interfaces live their own lives; some of them can be disconnected for some time and then connected in a different sequence. At the same time, tun-device numbers may change.
One of these tunnels is formed by the OpenConnect client. He also lives his own life. His number may also change.
As I understand it, OpenConnect does not have its own mechanism for creating NAT, and I will have to use the NAT of the PF firewall used in this machine.
How can I correctly link the tunnel interface that OpenConnect creates with the NAT functionality of PF so that they always find each other, given that the tunnel number can change?
Thanks in advance,
Ogogon.
