Access service in device connected via IPSEC trought public IP
-
Hi!
I have this scenario:
I need access service in 7700 port in 192.168.17.10 that connect to pfsense from IPSEC Tunnel.
Then i created a port forward in Firewall -> NAT:
Source: Any
Destination: WAN Address
Destination Port Range: 25001
Redirect Target IP: 192.168.17.10
Redirect Target Port: 7700but i can't access the service. I missing anything? Thanks a lot!
-
What subnets is your IPSec tunnel carrying? Is it using VTI (route based)?
It will have to carry traffic from any external IP so forwarded traffic matches it.
Steve
-
Hi!
My Configurations on IPSEC:Local Network: LAN NET
Remote Network: 192.168.17.0/24I think i'm not using VTI.
I have change local network to Any to carry traffic from any external IP?
-
@felipefonsecabh said in Access service in device connected via IPSEC trought public IP:
I have change local network to Any to carry traffic from any external IP?
Yes, if you are using policy based IPSec and need to keep using that. The policy has to match that traffic and the source IP could be any IP.
But if you do that it will match traffic at the other end for 'any' destination. All traffic from site1 will go over the IPSec tunnel. Which you probably don't want.
A route based VPN tunnel of some sort would give you more options.
