Netgate Discussion Forum

    Routing instead of NAT between sites

      idarlund

      Hi,

      I've got a setup where I have a WireGuard VPN between two sites. I have set up static routing tables so that traffic between private IPv4 ranges on both sites can talk to each other over the VPN.

      Site1: 10.5.10.0/24
      WG tunnel 10.2.56.1 <-> 10.2.56.85
      Site2: 10.6.66.0/24

      When sending a packet from a client (10.6.6.66) on site2 to a client (10.5.10.105) on site1, I can see in tcpdump that the packet is NATed:

      13:52:42.700102 eth0 In  IP 10.2.56.85 > 10.5.10.105: ICMP echo request, id 32, seq 1, length 64
      13:52:42.700152 eth0 Out IP 10.5.10.105 > 10.2.56.85: ICMP echo reply, id 32, seq 1, length 64
      

      I can also confirm in the firewall at Site2 that NAT is happening there:

      13:54:29.126837 IP 10.2.56.85 > 10.5.10.105: ICMP echo request, id 33, seq 1, length 64
      13:54:29.161781 IP 10.5.10.105 > 10.2.56.85: ICMP echo reply, id 33, seq 1, length 64
      

      How can I get pfSense to route traffic I want between these sites instead of NATing it?

        Bob.Dig LAYER 8 @idarlund

        @idarlund said in Routing instead of NAT between sites:

        I have set up static routing tables

        How have you done that?

          idarlund @Bob.Dig

          @Bob-Dig said in Routing instead of NAT between sites:

          @idarlund said in Routing instead of NAT between sites:

          I have set up static routing tables

          How have you done that?

          [Screenshot of the static route configuration]

            Bob.Dig LAYER 8 @idarlund

            @idarlund Thought so.

            If you don't mind, here is a great video from Christian McDonald explaining it all.

              idarlund @Bob.Dig

              @Bob-Dig said in Routing instead of NAT between sites:

              @idarlund Thought so.

              If you don't mind, here is a great video from Christian McDonald explaining it all.

              I don't mind at all. Thanks!
              This is what I love about community. People helping each other! Also, the best kind of help; nudge people in the right direction without just telling the answer. With this method we'll probably learn something on the road! I will check out the video to see what I did wrong or if it's not possible :)

                idarlund

                Thanks again for the video. It solved my problem.

                If anyone bumps into this thread in the future, the static route shown in a screenshot above here was correct; however, here's what I did wrong:

                On site2 I had set "IPv4 Upstream gateway" in the interface config to the gateway on site1. This makes pfSense NAT the traffic instead of routing it. Here's a timestamped link to the video where this is explained.

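A way to check a capture for the symptom discussed in this thread, as an added example that is not part of the original posts: it reads tcpdump lines in the format shown above and flags conversations where a tunnel address, rather than a client address from the remote LAN, is talking to a LAN host. The /24 tunnel prefix and the routed sample line are assumptions constructed for the example.

```python
import ipaddress
import re

# Addressing from the thread. The /24 tunnel prefix length is an assumption;
# the thread only gives the two endpoints 10.2.56.1 and 10.2.56.85.
SITE_LANS = [ipaddress.ip_network("10.5.10.0/24"),   # Site1
             ipaddress.ip_network("10.6.66.0/24")]   # Site2
WG_TUNNEL = ipaddress.ip_network("10.2.56.0/24")

# "IP <src>[.port] > <dst>[.port]:" as printed by tcpdump, with or without
# the interface/direction columns shown in the first capture.
PKT_RE = re.compile(
    r"\bIP (\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > (\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:")

def classify(line):
    """Return 'routed', 'nat-suspect', 'other', or None for non-packet lines."""
    m = PKT_RE.search(line)
    if not m:
        return None
    try:
        src, dst = (ipaddress.ip_address(a) for a in m.groups())
    except ValueError:          # e.g. an octet above 255 in a damaged line
        return None
    src_lan = any(src in n for n in SITE_LANS)
    dst_lan = any(dst in n for n in SITE_LANS)
    if src_lan and dst_lan:
        return "routed"         # original client address survived the tunnel
    # A tunnel address talking to a LAN host: either translated client traffic
    # or traffic that the firewall itself originated (a ping from its shell).
    if (src in WG_TUNNEL and dst_lan) or (dst in WG_TUNNEL and src_lan):
        return "nat-suspect"
    return "other"

def summarize(lines):
    counts = {"routed": 0, "nat-suspect": 0, "other": 0}
    for line in lines:
        verdict = classify(line)
        if verdict:
            counts[verdict] += 1
    return counts

SAMPLE = [
    # The two lines from the first capture in the thread.
    "13:52:42.700102 eth0 In  IP 10.2.56.85 > 10.5.10.105: ICMP echo request, id 32, seq 1, length 64",
    "13:52:42.700152 eth0 Out IP 10.5.10.105 > 10.2.56.85: ICMP echo reply, id 32, seq 1, length 64",
    # Constructed line: what the request looks like once traffic is routed.
    "14:10:03.100001 eth0 In  IP 10.6.66.20 > 10.5.10.105: ICMP echo request, id 40, seq 1, length 64",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A non-zero `nat-suspect` count for client-to-client traffic means the receiving site's firewall rules and logs see only the tunnel address, not the individual clients behind it.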
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.