Outgoing to 8443
-
@sasa1 said in Outgoing to 8443:
after it has connected to the remote vpn it can no longer access this server from the outside, through a NAT.
What server exactly?
Does that mean it can still access it via the VPN using an internal address?
But, yeah, pfSense would not be doing anything there. If the client sends all of it's traffic over a VPN pfSense only sees the VPN.
Steve
-
Hi,
the problem is that after connecting in VPN my server "loses" the gateway that refers to pfsense and consequently the NAT (which I did to access the server from the outside) no longer works. -
Oh, you mean like NAT reflection?
So what happens when you try to connect to it with the VPN active?
-
@sasa1 it happens that the PC (behind pfsense) uses as gateway the IP address assigned to it by the remote vpn server
but with pfSense is there the possibility of doing a site-to-site vpn (which is not with IPSec) to make sure that my network (the one behind pfsense) and the remote one are in communication?
Thanks -
@stephenw10 if on my pfsense I make a vpn with the L2TP server can I make sure that the remote client accesses my server that is in the l2tp vpn?
thanks -
It's possible to use L2TP over IPSec but it's generally preferable to use either IPSec directly or OpenVPN.
I'm still not 100% sure what the actual issue is here. Directly connected subnets should still be available to a VPN client. If not then change the client or server settings so it isn't routing all traffic over the VPN.
Steve
-
@stephenw10 if in pfsene I configure a l2tp vpn server can this vpn be bi-directional?
ie my PC behind pfsense (l2tp server) can access the remote network and at the same time the remote l2tp client can access my pc?
thanks. -
l2tp/ipsec is mostly used for client-to-site type setups so would probably not be suitable. You would want to use a site-to-site VPN like IPSec or OpenVPN.
Can you give us a diagram of what you need to achieve?
Steve
-
@stephenw10 Isn't an VPN Openswan-based also client-to-site?
or with openswan you can also make a site-to-site vpn?
Thanks. -
OpenVPN can be configured as either.
