One Nic install for VPN
-
Hi all,
I've got a setup (simplified) as follows…
Interweb <---->Router<------>Pfsense
                     <------>other PC
I've got an IPSec VPN up and connecting, which is great. Despite a lot of googling and trial and error, I can't solve the routing so that the VPN client can connect to "Other PC".
-outbound NAT on auto
-Firewall > rules > IPSec - rule created from * to * passes
In a way, I think I'm looking to bind IpSec back to the Wan - as this is a single nic installation. Has anyone got any ideas???
-
As long as the "other PC" has either its default gateway or a route set to the pfSense you should be good to go.
Also might be worth checking your firewall rules on the IPsec interface on the pfSense.
-
PFSense's only got one nic though, I don't think you can use a wan-designated port as a gateway?
-
I've done it with OpenVPN, the pfSense had one NIC and initiated the tunnel. Any client that needed to traverse the tunnel either had its default gateway set or had a route added to it. I don't see it working any differently with IPsec.
-
As per diagram above, I'm connecting from a remote client (192.168.1.0/24) to pfsense, which is on 192.168.0.0/24.
The router pfsense is behind is 192.168.0.2. Also, ipsec client will be 192.168.99.0/24.
Added a rule on that router (192.168.0.2) for anything 192.168.99.0/24 directs towards pfsense (192.168.0.110).
Still, the VPN client (192.168.1.137 or virtually 192.168.99.1) cannot access anything on the other side of the tunnel, nor can a PC on the 192.168.0.0/24 network ping the client. Only concerned about the former though.
Looks like it'll be a long weekend…
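
Added example, not part of the thread: a small route-lookup model of the addresses given above, tracing which hops a reply from "Other PC" to the VPN client takes with and without the host route suggested in the replies. The "Other PC" address 192.168.0.50 and its default gateway being the router (192.168.0.2) are assumptions, and pfSense's handling of 192.168.99.0/24 is modelled as a plain route into the tunnel.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.0.0/24")
VPN = "192.168.99.0/24"
# Address -> node name. 192.168.0.50 for "Other PC" is an assumed address.
HOSTS = {"192.168.0.2": "router", "192.168.0.110": "pfsense",
         "192.168.0.50": "other-pc"}

def build_routes(pc_has_vpn_route):
    """Per-node route tables as (prefix, next hop). Simplified model."""
    pc = [("0.0.0.0/0", "192.168.0.2")]            # assumed default gateway
    if pc_has_vpn_route:
        pc.append((VPN, "192.168.0.110"))          # route suggested in the replies
    return {
        "other-pc": pc,
        "router": [("0.0.0.0/0", "wan"), (VPN, "192.168.0.110")],  # rule from the post
        "pfsense": [("0.0.0.0/0", "192.168.0.2"), (VPN, "ipsec-tunnel")],
    }

def next_hop(routes, node, dst):
    """On-link LAN addresses are delivered directly; otherwise longest prefix wins."""
    addr = ipaddress.ip_address(dst)
    if addr in LAN:
        return dst
    matches = [(ipaddress.ip_network(p), hop) for p, hop in routes[node]
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(routes, start, dst, max_hops=8):
    """Return the list of nodes a packet from `start` to `dst` passes through."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = next_hop(routes, node, dst)
        if hop not in HOSTS:          # left the LAN: "wan" or "ipsec-tunnel"
            return path + [hop]
        node = HOSTS[hop]
        path.append(node)
        if hop == dst:
            return path
    return path

if __name__ == "__main__":
    client = "192.168.99.1"           # virtual address of the VPN client (from the post)
    print("inbound :", trace(build_routes(False), "pfsense", "192.168.0.50"))
    print("reply   :", trace(build_routes(False), "other-pc", client))
    print("w/ route:", trace(build_routes(True), "other-pc", client))
```

In this model the request reaches "Other PC" directly from pfSense, while the reply goes to the router first and is sent back across the same LAN to pfSense; with the host route in place the reply goes straight to pfSense.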