Port forward L2TP from IPSEC connection? Possible?
-
I want to use pfsense to handle IPSEC, and a separate device to handle L2TP.
In pfsense, I have a NAT rule to forward UDP 1701 from the IPSEC interface to the IP address of the other device.
In the NAT settings, I have tried both WAN interface and IPSEC interfaces.
The traffic never leaves pfsense; it is not forwarded.
I'm wondering if pfsense is capturing the L2TP traffic itself for its own internal L2TP Server, even though the L2TP server is turned off in the pfsense GUI.
-
What settings did you use on each of the fields?
-
Interface: IPSEC
Destination Address: WLAN IP
Destination Port: L2TP to L2TP
Protocol: UDP
Forward to IP: 192.168.x.x (ip of l2tp server)
Forward to Port: L2TP

I'm using the Windows L2TP IPSEC built-in client.
It creates the Phase 1 and Phase 2 and policies, but it doesn't complete the connection because the L2TP fails because it isn't forwarded.
-
Why do you have WLAN IP on destination address? Is there some reason you aren't using an IP address from the IPsec interface?
-
The WAN is the correct address. The pfsense should port forward to the L2TP device.